In message <000001c19ac3$3d79feb0$0200a8c0@slacker>, "Kevin Lisciotti" writes:
>
> I would like to set up a linux based shell server for my "windows
> friends" who would like to learn more about the linux/unix os and to
> learn some shell scripting etc. I have 3+ years of linux
> use/administration so I pretty much know what I am doing. I would set up
> the box with ssh using public key authentication only (possibly
> including ip addresses), no passwords. What I am looking for is possibly
> a whitepaper or how-to on setting up a secure shell server. I have
> looked on sans.org and linuxdoc.org but have come up empty.
You have 2 options:
i) use openssh, and install from RPM (or something similar); go to
rpmfind.net to find the package, or go to www.openssh.org. If you
are not using a platform for which they have a package, just compile
from source and install according to directions.
ii) use SSH.com's SSH - go to www.ssh.com, and download the source, compile
and install according to their instructions.
I've done both. It's almost trivial. I'd recommend SSH.com's
implementation because they have both the Windows and the Unix side. (Not
that openssh won't work -- it's just that I haven't tried it.)
You will need to set passwords up for your users, anyway. A passwordless
account is a big security hole. Your users will have to generate a keypair
on their home (Windows) machine, then put the public key in a special place
in their home directory on your (Linux) machine. You should read the man
pages for ssh-keygen, ssh-agent, and ssh-add (for SSH.com's version).
Cheers,
--Dave Chin
[EMAIL PROTECTED]
