DISCUSSION: Using Keys with SSH
This thread is to discuss the article titled: Using Keys with SSH
I agree that there is some added risk to using public key authentication with SSH, but this can be mitagated by keeping your private key secure.
I think that this is a better solution then depending on expect scripts, where if you do not want to type in all your passwords in each time you run the script you must embed the passwords in either the script or some other reachable data file.
I am unaware of other options that will allow an administrator to run scripts on remote systems. If your system is too important to risk one of the above situations you can of course avoid both of these, but it means that you will have to manually login these systems when you have work to do, which is workable if you only have a few machines to work with, or if you simply are a glutton for punishment.
using key also for users?
I have troubles to work with keys authentification for users.
For root it is going well, but I neet set "PermitRootLogin no" in /etc/ssh/sshd_config it don't work for users.
I think, that it is security requirement to set PermitRootLogin to no.
Is it possible to work also for users?
Of course it is possible to log like another user.
# su localuser
$ ssh remoteuser@remotehost
Sorry for so stupid question above. :-)
A couple of notes...
I don't mean to be splitting hairs here, but I'd like to make the following corrections nonetheless:
[cpde]% ssh-keygen -t dsa[/code]
has an incorrectly spelled [code] tag, and as such the code box is not being rendered. I don't think this was intentional, just a simple typo on Jeremy's (or whoever posted this) part.
Secondly, I'd like to comment about the following statement:
|All times are GMT -5. The time now is 11:37 PM.|