That guide was written as a general guide to implementing it so you need to adapt to the environment you are running on. For ubuntu it is
/etc/init.d/ssh reload CentOS is the one in the guide /etc/init.d/sshd reload You don't need to run ssh-agent, that is so you don't get prompted for a password for the key. Towards the end of the post: PasswordAuthentication no That will prevent password based ssh logins, but if your friend ever wanted to login to the machine from another and did not have a key setup he would be up the brown creek without a paddle. By disabling passwords you will take care of 1 and 2 because if the person does not have the key and passwords are off they get denied. If you look at my lockdown post you will see more stuff you can do for ssh security http://pyverted.com/sysadmin/locking-down-your-server/2008/10/ On Fri, Nov 21, 2008 at 11:50 PM, Paul Saenz <[email protected]>wrote: > Using Peter Manis' tutorial on Public Key authentication at URL: > http://pyverted.com/sysadmin/ssh-public-key-authentication/2008/10/ > I was able to get SSH up and running with a public key authentication > on my friend sam's computer. Everything worked great. > I did not execute the commands: > > exec ssh-agent /bin/bash > ssh-add > > until the next day, when I realized that I had not done > it the day before. The two computers were not connected > when I executed these commands. I am assuming that these > commands can be executed on the local machine only, and > the remote machine doesn't need to know about them. > am I correct. > > also, when I did the command: > sudo /etc/init.d/sshd reload > > bash reported: "command not found" > > nevertheless, I want the 2 features that this command provides, > which are: > > 1. Removes the ability to login to the server with a password, you can only > login to the server using a public key. > 2. Limit the machine that you can login from. The remotemach must have the > key for the localmach in the authorized_keys file before authentication can > be performed. > > > Is there something I can to to configure these features, or is there a way > to add > these commands to my bash commands? > Thanks > > > > > ------------------------------ > Access your email online and on the go with Windows Live Hotmail. Sign up > today.<http://windowslive.com/Explore/Hotmail?ocid=TXT_TAGLM_WL_hotmail_acq_access_112008> > > _______________________________________________ > LinuxUsers mailing list > [email protected] > http://socallinux.org/cgi-bin/mailman/listinfo/linuxusers > > -- Peter Manis (678) 269-7979
