Thanks Peter, and that's a great lockdown tutorial, IMHO

Date: Sat, 22 Nov 2008 01:16:44 -0500
From: [email protected]
To: [email protected]
Subject: Re: [LinuxUsers] SSH Public Key Authenticatio

That guide was written as a general guide to implementing it, so you need to 
adapt it to the environment you are running on.  For Ubuntu it is

/etc/init.d/ssh reload

CentOS is the one in the guide

/etc/init.d/sshd reload


You don't need to run ssh-agent, that is so you don't get prompted for a 
password for the key.

Towards the end of the post: PasswordAuthentication no

That will prevent password based ssh logins, but if your friend ever wanted to 
log in to the machine from another and did not have a key set up he would be up 
the brown creek without a paddle.  By disabling passwords you will take care of 
1 and 2 because if the person does not have the key and passwords are off they 
get denied.


If you look at my lockdown post you will see more stuff you can do for ssh 
security
http://pyverted.com/sysadmin/locking-down-your-server/2008/10/



On Fri, Nov 21, 2008 at 11:50 PM, Paul Saenz <[email protected]> wrote:






Using Peter Manis' tutorial on Public Key authentication at URL:
http://pyverted.com/sysadmin/ssh-public-key-authentication/2008/10/

I was able to get SSH up and running with public key authentication 
on my friend Sam's computer. Everything worked great.
I did not execute the commands:
exec ssh-agent /bin/bash
ssh-add


until the next day, when I realized that I had not done
it the day before. The two computers were not connected
when I executed these commands. I am assuming that these 
commands can be executed on the local machine only, and 
the remote machine doesn't need to know about them.
Am I correct?

Also, when I did the command:
sudo /etc/init.d/sshd reload

bash reported: "command not found"

Nevertheless, I want the 2 features that this command provides,
which are:

1. Removes the ability to log in to the server with a password; you can only 
log in to the server using a public key.

2. Limit the machine that you can log in from. The remotemach must
have the key for the localmach in the authorized_keys file before
authentication can be performed.


Is there something I can do to configure these features, or is there a way to 
add these commands to my bash commands?
Thanks






_______________________________________________

LinuxUsers mailing list

[email protected]

http://socallinux.org/cgi-bin/mailman/listinfo/linuxusers




-- 
Peter Manis
(678) 269-7979


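The lock-out risk described in the reply (passwords off, no key installed) can be checked before `PasswordAuthentication no` is applied and sshd is reloaded. The script below is an added example, not part of the thread or of the linked tutorials; the function names, the root-prefix argument and the temp-file sample are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. File paths are arguments so the checks
# can be run against copies before touching a live server.

# Print the global PasswordAuthentication value for a config file. sshd keeps
# the first value it sees, keywords are case-insensitive, the default is "yes".
# Match blocks are conditional, so scanning stops at the first one.
effective_password_auth() {
    awk '
        { sub(/#.*/, ""); gsub(/=/, " ") }
        tolower($1) == "match" { exit }
        tolower($1) == "passwordauthentication" { v = tolower($2); exit }
        END { print (v == "" ? "yes" : v) }
    ' "$1"
}

# Succeed only if authorized_keys holds at least one non-comment line.
has_authorized_key() {
    [ -f "$1" ] && grep -Eqv '^[[:space:]]*(#|$)' "$1"
}

# Pick the init script named in the thread: ssh (Ubuntu) or sshd (CentOS).
# $1 is an optional root prefix (assumption, lets you test on a scratch tree).
reload_script() {
    for s in "$1/etc/init.d/ssh" "$1/etc/init.d/sshd"; do
        [ -x "$s" ] && { echo "$s"; return 0; }
    done
    return 1
}

# usage: check_lockdown <sshd_config> <authorized_keys>
check_lockdown() {
    if [ "$(effective_password_auth "$1")" = "no" ]; then
        echo "passwords already disabled"
    elif has_authorized_key "$2"; then
        echo "ok to disable passwords"
    else
        echo "no key installed: disabling passwords would lock you out"
    fi
}

# Constructed sample: config still on the default, one placeholder key line.
tmp=$(mktemp -d)
printf '#PasswordAuthentication yes\nPubkeyAuthentication yes\n' > "$tmp/sshd_config"
printf 'ssh-rsa AAAAB3...constructed user@localmach\n' > "$tmp/authorized_keys"
check_lockdown "$tmp/sshd_config" "$tmp/authorized_keys"
rm -rf "$tmp"
```

On a real server the arguments would be `/etc/ssh/sshd_config` and the target account's `~/.ssh/authorized_keys`, and `reload_script ""` prints whichever of the two init scripts exists.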