On 10/22/2010 09:43 AM, Joachim Schipper wrote:
On Thu, Oct 21, 2010 at 07:46:50PM +0200, Bret S. Lambert wrote:
On Thu, Oct 21, 2010 at 05:38:54PM +, Jay K wrote:
My ideal setup would be:
1) no passwords (* in /etc/passwd or via vipw)
2) only ssh for remote access
i.e. no
On Tue, Oct 26, 2010 at 04:24:04AM -0700, Russell wrote:
On 10/22/2010 09:43 AM, Joachim Schipper wrote:
On Thu, Oct 21, 2010 at 07:46:50PM +0200, Bret S. Lambert wrote:
On Thu, Oct 21, 2010 at 05:38:54PM +, Jay K wrote:
My ideal setup would be:
1) no passwords (* in /etc/passwd or
On Tue, Oct 26, 2010 at 8:24 AM, Joachim Schipper
joac...@joachimschipper.nl wrote:
On Tue, Oct 26, 2010 at 04:24:04AM -0700, Russell wrote:
On 10/22/2010 09:43 AM, Joachim Schipper wrote:
On Thu, Oct 21, 2010 at 07:46:50PM +0200, Bret S. Lambert wrote:
On Thu, Oct 21, 2010 at 05:38:54PM
On Thu, Oct 21, 2010 at 07:46:50PM +0200, Bret S. Lambert wrote:
On Thu, Oct 21, 2010 at 05:38:54PM +, Jay K wrote:
My ideal setup would be:
1) no passwords (* in /etc/passwd or via vipw)
2) only ssh for remote access
i.e. no password-based security, only something better
On Thu, Oct 21, 2010 at 05:38:54PM +, Jay K wrote:
My ideal setup would be:
1) no passwords (* in /etc/passwd or via vipw)
2) only ssh for remote access
i.e. no password-based security, only something better
3) except console, where anyone should be able to login
without
You can get almost the same thing by setting PasswordAuthentication to
no
in your sshd_config file, and hand out empty or ridiculously simple
passwords
for the console (honestly, who would forget yermomsawhore as a
password?).
How do I limit their use to the console?
If say I ssh in as
On Fri, Oct 22, 2010 at 1:01 PM, Jay K jay.kr...@cornell.edu wrote:
You can get almost the same thing by setting PasswordAuthentication to
no
in your sshd_config file, and hand out empty or ridiculously simple
passwords
for the console (honestly, who would forget yermomsawhore as a
On Fri, Oct 22, 2010 at 10:01:17AM +, Jay K wrote:
You can get almost the same thing by setting PasswordAuthentication to
no
in your sshd_config file, and hand out empty or ridiculously simple
passwords
for the console (honestly, who would forget yermomsawhore as a
password?).
login.
Right? So I'm back to the earlier point.
Thanks,
- Jay
Date: Fri, 22 Oct 2010 13:11:44 +0300
Subject: Re: password-less console-only access and ssh remote access?
From: tomas.bod...@gmail.com
To: jay.kr...@cornell.edu
CC: bret.lamb...@gmail.com
login.
Right? So I'm back to the earlier point.
Thanks,
- Jay
Date: Fri, 22 Oct 2010 13:11:44 +0300
Subject: Re: password-less console-only access and ssh remote access?
From: tomas.bod...@gmail.com
To: jay.kr...@cornell.edu
CC: bret.lamb...@gmail.com
Turn off sudo and don't put users you don't want to have root in the
wheel group.
I find what you want to be questionable though.
But can't they still run login?
Why questionable?
I want security and convenience.
I don't consider passwords to be either.
physical security + ssh is what I
I believe you can do something like this. but I see it not really
making you more secure, still questionable
sed s/secure/insecure/g /etc/ttys /tmp/temp; mv /tmp/temp /etc/ttys
Mark
On Fri, Oct 22, 2010 at 3:56 PM, Jay K jay.kr...@cornell.edu wrote:
Turn off sudo and don't put
- Jay
Date: Fri, 22 Oct 2010 13:11:44 +0300
Subject: Re: password-less console-only access and ssh remote access?
From: tomas.bod...@gmail.com
To: jay.kr...@cornell.edu
CC: bret.lamb...@gmail.com; misc@openbsd.org
On Fri, Oct 22, 2010 at 1:01 PM, Jay
If I chroot then I can't do much at all right?
Unless I replicate/link like the entire system, minus login.
You sai'd that you want to limit them, not I.
I just don't want them to be able to login as root.
And I don't want a password for root.
If they are on the console though, ok
On Fri, Oct 22, 2010 at 11:53 PM, Jay K jay.kr...@cornell.edu wrote:
If I chroot then I can't do much at all right?
Unless I replicate/link like the entire system, minus login.
You sai'd that you want to limit them, not I.
I just don't want them to be able to login as root.
B And I don't
My ideal setup would be:
1) no passwords (* in /etc/passwd or via vipw)
2) only ssh for remote access
i.e. no password-based security, only something better
3) except console, where anyone should be able to login
without any password (granted, I only have two users, root and jay)
16 matches
Mail list logo