LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General > LinuxAnswers Discussion
User Name
Password
LinuxAnswers Discussion This forum is to discuss articles posted to LinuxAnswers.

Notices

Reply
 
Search this Thread
Old 09-30-2004, 01:44 PM   #1
jeremy
root
 
Registered: Jun 2000
Distribution: Debian, Red Hat, Slackware, Fedora, Ubuntu
Posts: 10,389

Rep: Reputation: 2626Reputation: 2626Reputation: 2626Reputation: 2626Reputation: 2626Reputation: 2626Reputation: 2626Reputation: 2626Reputation: 2626Reputation: 2626Reputation: 2626
Post DISCUSSION: Using Keys with SSH


This thread is to discuss the article titled: Using Keys with SSH
 
Old 10-08-2004, 09:18 PM   #2
kvedaa
Member
 
Registered: Mar 2004
Location: Virginia
Distribution: PacketProtector
Posts: 331

Rep: Reputation: 30
I agree that there is some added risk to using public key authentication with SSH, but this can be mitagated by keeping your private key secure.

I think that this is a better solution then depending on expect scripts, where if you do not want to type in all your passwords in each time you run the script you must embed the passwords in either the script or some other reachable data file.

I am unaware of other options that will allow an administrator to run scripts on remote systems. If your system is too important to risk one of the above situations you can of course avoid both of these, but it means that you will have to manually login these systems when you have work to do, which is workable if you only have a few machines to work with, or if you simply are a glutton for punishment.
 
Old 10-15-2004, 01:59 PM   #3
Luskacik
LQ Newbie
 
Registered: Jan 2004
Posts: 6

Rep: Reputation: 0
using key also for users?

Hi,
I have troubles to work with keys authentification for users.
For root it is going well, but I neet set "PermitRootLogin no" in /etc/ssh/sshd_config it don't work for users.
I think, that it is security requirement to set PermitRootLogin to no.
Is it possible to work also for users?

Luskacik.

------
Correction:
Of course it is possible to log like another user.
# su localuser
$ ssh remoteuser@remotehost

Sorry for so stupid question above. :-)

Last edited by Luskacik; 10-18-2004 at 04:11 AM.
 
Old 11-01-2005, 09:17 AM   #4
sewer_monkey
Member
 
Registered: May 2002
Location: Toronto, ON, Canada
Distribution: Ubuntu, Debian, RedHat/CentOS
Posts: 624

Rep: Reputation: 31
Exclamation A couple of notes...

I don't mean to be splitting hairs here, but I'd like to make the following corrections nonetheless:

The line:
[cpde]% ssh-keygen -t dsa[/code]

has an incorrectly spelled [code] tag, and as such the code box is not being rendered. I don't think this was intentional, just a simple typo on Jeremy's (or whoever posted this) part.

Secondly, I'd like to comment about the following statement:

Quote:
When you attempt to login in to a remote machine, the (local) private key and the (remote) public key are "combined" by the remote server and verified. If the keys match, the remote server permits and establishes your login or file transfer session.
This quote seems to suggest that the private key is actually transmitted to the remote machine (so that the remote machine can use it as part of the authentication process), which is not the case. I think this paragraph would be better rephrased as something like this:

Quote:
When you attempt to login in to a remote machine, the (local) private key and the (remote) public key are used together by the local machine and the remote server respectively as part of the authentication process. If the keys match, the remote server permits and establishes your login or file transfer session.
Just my 2 cents...
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ssh keys exodist Linux - Networking 3 02-16-2005 10:16 AM
SSH keys alon005 Linux - Security 5 10-14-2004 03:39 AM
ssh keys merchtemeagle Linux - Newbie 4 10-12-2004 12:12 AM
Configuring SSH to accept only keys (already have keys) fr0st Linux - Security 3 11-04-2003 03:31 AM
SSh Keys shaggz Linux - General 2 02-19-2003 09:09 PM


All times are GMT -5. The time now is 09:10 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration