Since I am not sure who is receiving this email I'm not sure how to proceed
with my question. I am interested in starting a LUG in Petawawa just about
an hour and a half along highway 17 west of Ottawa.
I was there when the KLUG was started in Kingston in 1998/99 but being 1 of
about 6 members
before i start digging through the docs for something subtle that i
missed, i want to make sure i understand the recipe for setting up
passwordless ssh login, and what it *requires* to be possible on both
ends. (i think i already know the answer to this, i just want to be
absolutely sure.)
Hi Rob,
1)
I believe that the location where the SSH server looks for keys can be
configured in /etc in its config fiile.
Is that on a read-only location, too?
2)
Given what you do every day, I think there is some possibility that you are
going to burn the file system on the remote system
On Tue, 19 Mar 2013, Rob Echlin wrote:
Hi Rob,
1)
I believe that the location where the SSH server looks for keys can
be configured in /etc in its config fiile. Is that on a read-only
location, too?
i know about that, here's the sshd_config line for that:
#AuthorizedKeysFile
Sounds like you could put a public key on the target.
Good enough.
Everyone can login to a special remote-supervisor account on some server, to
connect to the target, and that account has the private key.
Then you don't have to get keys from everyone in advance.
With a passwordless connection
On Tue, 19 Mar 2013, Rob Echlin wrote:
Sounds like you could put a public key on the target. Good enough.
Everyone can login to a special remote-supervisor account on some
server, to connect to the target, and that account has the private
key. Then you don't have to get keys from everyone in
On Tue, 19 Mar 2013, Brenda J. Butler wrote:
So, you're saying the big computer has to log in to the little ones
passwordlessly and automatically, and then arrange for the little
ones to log in to itself passwordlessly?
Presumably there is a reason to have a password on the little ones?
If the mini-penguins are R/O, can you set up a protocol -- assuming you
burn the ROM -- to authenticate via an authentication server? Thus all
the mini-penguins can be identical.
JN
On 13-03-19 06:32 PM, Robert P. J. Day wrote:
On Tue, 19 Mar 2013, Brenda J. Butler wrote:
So, you're saying
I only have an observation/comment. Reading the man page you gave for
sshpass there is that security issue of seeing the password in the command
line while it is running.
I read the same issue for AESCrypt but it has an option to read the
password from a file that can be read-only by the user.
On Tue, 19 Mar 2013, Richard P Cook wrote:
I only have an observation/comment. Reading the man page you gave
for sshpass there is that security issue of seeing the password in
the command line while it is running. I read the same issue for
AESCrypt but it has an option to read the password
On Tue, 19 Mar 2013, Prof J C Nash (U30A) wrote:
If the mini-penguins are R/O, can you set up a protocol -- assuming you burn
the ROM -- to authenticate via an authentication server? Thus all the
mini-penguins can be identical.
that's probably more ambitious than people are prepared to get.
11 matches
Mail list logo
