Hello,

I'm setting up a Linux server for the internet.
I only admit SSH protocol 2 connections from users whom I know.
I'm using OpenSSH_2.1.1. Anyway, I would like to configure the server in the following way (for security reasons):

Users should only be allowed to log in:

1.) If they installed the server's "ssh_host_dsa_key.pub" by hand on their own computer, into the "~/.ssh/known_hosts2" file or into the "/etc/ssh/ssh_known_hosts2" file. Automatic transfer of the server's public key should not be allowed (possible).

2.) If they hand over to me their "id_dsa.pub", which I copy to the "~/.ssh/authorized_keys2" file.

Both of these measures ensure that there is a safe authentication (via DSA) with one dedicated client computer.
In case somebody takes over this dedicated computer (for example in break..)

3.) If they do an additional password authentication every time they log in via ssh.

How do I have to configure the sshd.conf file (and maybe the users' authorized_key2 file on the server)?

Thank you for your help.

regards
Michael Klug