uite un howto rapid:
(iti ia icam 10-15 minute, depinde si de masina pe care compilezi :-) ).
Ai nevoie de:
openssh (eu am folosit 2.9p2, portul pt linux)
ftp.openssh.com
s/key (tot versiunea openbsd portata pe alte *nix, vers 1.5).
http://www.sparc.spb.su/solaris/skey/skey-1.1.5.tar.gz
instalezi s/key (implicit in /usr/local/ ..) [./configure; make; make install :-) ]
desfaci openssh si rulezi configure cu optiunea --with-skey=/usr/local/etc
(unde e fisierul skeykeys); eventual alte potiuni ce mai vrei.
make; make install; implicit se duce tot prin /usr/local,
Eventual editezi /usr/local/etc/sshd_config sa faci testele pe alt port
(eu m-am jucat cu 222 :-) ).
Implicit ssh face fallback la s/key dupa 3 parole aiurea (enter chior de ex :-) )
Pentru ca user gigi sa poata folosi trebuie sa-l 'abonezi' :-) :
[root@hs03 skey]# skeyinit -md5 gigi
[Adding gigi]
Reminder - Only use this method if you are directly connected
or have an encrypted channel. If you are using telnet
or rlogin, exit with no password and use skeyinit -s.
Enter secret password:
Again secret password:
ID bin skey is otp-md5 99 hs0357278
Next login password: PRY LIFE TOG BREW BLED HEAR
Apoi login:
[root@hs03 skey]# ssh localhost -p 222 -l gigi
gigi@localhost's password:
Permission denied, please try again.
gigi@localhost's password:
Permission denied, please try again.
gigi@localhost's password:
otp-md5 97 hs0356592
S/Key Password:
[ apoi pe palm sau de la vreo consola, ceva secure anyway obtii cirnatul :-) ]
[root@hs03 /root]# skey -md5 97 hs0356592
Reminder - Do not use this program while logged in via telnet or rlogin.
Enter secret password:
NOD HIP FOOL CUBE HURT RAM
Si gata!
Poti pune prin sshd_conf implicit optiunea de s/key - trebuie sa pui no pe la
optiunile de autentificare RSA etc.
jk
ps: testat pe un RH7.1
---
Send e-mail to '[EMAIL PROTECTED]' with 'unsubscribe rlug' to
unsubscribe from this list.
