LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices



Reply
 
Search this Thread
Old 11-12-2012, 11:28 PM   #1
swaxolez
LQ Newbie
 
Registered: Jun 2012
Posts: 6

Rep: Reputation: Disabled
Unattended remote ssh login


I have numerous remote client machines that perform unattended rsync backups using a private/public key pair. What is the best way to protect the private key? If I use a passphrase then ssh will ask for it everytime it executes from a cron job. This client machine is only on every 20 minutes for about a minute only. Can I respond to the ssh passphrase request using a compiled c program. I know the c program can be reverse engineered but expect this would be too much of a hassle. Any ideas would be greatly appreciated.

Thanks
 
Old 11-13-2012, 11:54 AM   #2
Reuti
Senior Member
 
Registered: Dec 2004
Location: Marburg, Germany
Distribution: openSUSE 13.1
Posts: 1,320

Rep: Reputation: 252Reputation: 252Reputation: 252
Depending on the environment, maybe it’s possible to use hostbased authentication?
 
Old 11-13-2012, 11:56 AM   #3
Reuti
Senior Member
 
Registered: Dec 2004
Location: Marburg, Germany
Distribution: openSUSE 13.1
Posts: 1,320

Rep: Reputation: 252Reputation: 252Reputation: 252
Or as an alternative: log in from the server to the clients by SSH and create a reverse tunnel by -R which is used by rsync.
 
Old 11-13-2012, 12:05 PM   #4
swaxolez
LQ Newbie
 
Registered: Jun 2012
Posts: 6

Original Poster
Rep: Reputation: Disabled
My remote clients are operating on cellular USB sticks and therefore limit me to remotely logging into them. What I'm currently thinking now is using a chroot jail and rbash combination to limit what they can do if they get a private key.
 
Old 11-16-2012, 06:13 AM   #5
Turbocapitalist
Member
 
Registered: Apr 2005
Distribution: Ubuntu, Debian, OS X (bsd)
Posts: 156

Rep: Reputation: 30
ssh-agent

You could load the keys into ssh-agent. That would allow entering the passphrase just once while the keys are used many times. It can take a little bit of planning to get it right for a cron job but it is doable.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
remote unattended slackware install bartgymnast Slackware 3 08-12-2009 11:23 AM
Unattended remote installation [GOD]Anck Slackware 0 08-18-2008 07:49 AM
Remote login with SSH, but display on remote computer. brodin Linux - Software 3 09-09-2007 04:01 AM
ssh remote login sKAApGIF Linux - Networking 4 11-22-2006 08:13 AM
ssh remote login help LAdProg2005 Linux - Networking 2 10-05-2005 01:39 PM


All times are GMT -5. The time now is 12:21 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration