LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 07-14-2006, 10:03 AM   #1
thobias.reaper
LQ Newbie
 
Registered: Dec 2005
Distribution: Debian Sid
Posts: 2

Rep: Reputation: 0
ssh-pam module configuration


I recently discovered the ssh-pam package. It authenticates the user by his ssh key at login and sets up the ssh-agent for the session. I think it is pretty smart, because the user only needs to enter one password for both login and ssh access. I wondered what the safest way is to set this up and if there are things to keep in mind to prevent bad things from happening. I would also like to know how the people here at LQ manage all the ssh/gnupg/pgp/certificates/loop-aes keys that they use on a daily basis.
 
Old 07-16-2006, 10:24 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,987
Blog Entries: 54

Rep: Reputation: 2742Reputation: 2742Reputation: 2742Reputation: 2742Reputation: 2742Reputation: 2742Reputation: 2742Reputation: 2742Reputation: 2742Reputation: 2742Reputation: 2742
I think your sshd needs to be compiled with -lpam support for this. "Safest" includes all the "usual" measures you would take for securing network access ssh: phrases instead of single words, pubkeys instead of passwords, not allowing root access, firewall only allowing access from known accounts (or ranges, and only if possible), PAM (listfile) only allowing access to known accounts, etc etc.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
winbind pam module paul_mat Linux - Networking 0 12-21-2005 11:22 PM
PAM problem with module pam_time.so giacomolg Linux - Security 1 11-27-2004 07:50 AM
PAM configuration! leandrop Linux - Security 5 10-28-2004 09:12 AM
Configuring /etc/pam.d/passwd module plexus Linux - Security 2 05-25-2004 07:55 PM
Writting PAM Module for custom authentication? existo Linux - Networking 0 05-05-2004 05:07 PM


All times are GMT -5. The time now is 04:54 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration