On Monday 01 Sep 2003 2:28 pm, HaywireMac wrote: > On Mon, 1 Sep 2003 07:34:09 +0100 > > Derek Jennings <[EMAIL PROTECTED]> uttered: > > If you want greater security it is possible to configure ssh so that > > only people with matching encryption keys can connect. This is > > described here http://www.mandrakesecure.net/en/docs/openssh.php > > I assumed this was the default config...the first time you "ssh > 192.168.0.3" or whatever, it automagically creates the key, at least it > did for me, to prevent "man in the middle" or other exploits?
Not quite. It is not creating a key. It is putting the IP address of the host in the 'known hosts' file as well as the 'host key' of that host. If the host key changes you will get an alarm when you try to connect. (Possible 'man in the middle') The host key is created when you install ssh. It is not the same as the users ssh key. When you ssh with a key, you do not need to give a password at all because the host has a copy of your public key and will know who you are. derek -- ---------------------------------- www.jennings.homelinux.net http://twiki.mdklinuxfaq.org
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
