LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 01-09-2013, 10:09 AM   #1
linuxStudent11
Member
 
Registered: Jun 2007
Posts: 120

Rep: Reputation: 17
Remote ssh login (passwords useless), and local login (using password)


How can I set up my ubuntu account so I can login remotely using ssh using only a keygen block like:
ssh -i mysecret.pem myself@myIPAddress
I assume mysecret.pem is a private key on my laptop while far far away.

and locally WITH a password such that it is never possible to login remotely using that password without the keyblock?

I'll probably set up a nonstandard ssh port so I'll need to modify an ssh config file somewhere in my machine to listen (also?) on that nonstandard port. My firewall would forward only that nonstandard port.

Or is there something I don't understand about keys?
 
Old 01-09-2013, 01:30 PM   #2
lykwydchykyn
Member
 
Registered: Mar 2006
Location: Tennessee, USA
Distribution: Debian, Ubuntu
Posts: 135

Rep: Reputation: 36
Normally what I do is create a key on my remote system, like so:

Code:
ssh-keygen -t rsa
If you want no-password, don't specify a passcode here; though it's fair to warn that this is considered bad security by the people who consider such things.

Next, I copy it up to my (password-enabled) ssh server:
Code:
ssh-copy-id -i ~/.ssh/id_rsa.pub someremoteserver
After that's done, you should be able to login via ssh from that specific device (or any other device to which you've copied id_rsa.pub) without a password.

Now you lock down ssh so that it doesn't accept passwords. In /etc/ssh/sshd_config on the server:
Code:
PasswordAuthentication no
Restart ssh and you're done. This is no way affects the way local console logins work; they'll continue to accept passwords as normal.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Remote SSH Login Require User Password Change jbarcia Linux - Security 1 02-28-2012 02:00 AM
ssh login without password from local to remote, and further to another remove? goshng Linux - General 1 04-16-2011 06:37 AM
[SOLVED] Remote access problem-no ssh;local console rapid scrolling screen no login prompt kapshure Linux - Newbie 2 11-08-2010 04:41 PM
[SOLVED] SSH login problem for additional users after password-less login setup uncle-c Linux - Newbie 3 02-10-2010 12:51 PM
remote login screen but need local login lastkey Ubuntu 0 12-13-2006 01:41 AM


All times are GMT -5. The time now is 08:35 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration