As far as I could tell, you can't set up key-only auth in the CLI. If you drop an authorized_keys file into each user's ~/.ssh directory, and set PasswordAuthentication=no in sshd.conf you will enable key-only auth.

------------------
Aubrey Wells
Senior Engineer
Shelton | Johns Technology Group
404.478.2790
Support: [EMAIL PROTECTED]
www.sheltonjohns.com
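
The key-only setup described in the message above, as an added example that is not part of the original post: a POSIX shell audit of an sshd configuration file and a user's key directory. The function names and sample configs are constructed for illustration; it assumes the daemon's settings live in one file (commonly /etc/ssh/sshd_config on OpenSSH), does not evaluate Match blocks, and treats an unset ChallengeResponseAuthentication as enabled.

```shell
#!/bin/sh
# Added example (not from the thread): audit sshd settings for key-only login.

# Print the effective global value of KEYWORD ($2) in FILE ($1), or DEFAULT ($3).
# sshd keeps the first value it reads for a keyword; keywords are
# case-insensitive and may be separated from the value by spaces or "=".
# Parsing stops at the first Match block (conditional overrides are not audited).
sshd_value() {
    awk -v want="$2" -v def="$3" '
        { sub(/#.*/, ""); gsub(/=/, " ") }
        tolower($1) == "match" { exit }
        tolower($1) == tolower(want) { print tolower($2); found = 1; exit }
        END { if (!found) print def }
    ' "$1"
}

# Return 0 only if this config leaves no password-based login path open.
key_only_auth() {
    [ "$(sshd_value "$1" PasswordAuthentication yes)" = "no" ] || return 1
    # Keyboard-interactive auth through PAM can still prompt for a password.
    [ "$(sshd_value "$1" ChallengeResponseAuthentication yes)" = "no" ] || return 1
    [ "$(sshd_value "$1" PubkeyAuthentication yes)" = "yes" ] || return 1
}

# Return 0 if DIR/authorized_keys exists and neither it nor DIR is group- or
# world-writable (part of what sshd's StrictModes verifies before using keys).
keys_file_ok() {
    [ -f "$1/authorized_keys" ] || return 1
    [ -z "$(find "$1" "$1/authorized_keys" -prune \( -perm -020 -o -perm -002 \))" ]
}

# Constructed sample configs: "bad" has the setting commented out, then an
# early "yes" that wins over the later "no".
tmp=$(mktemp -d)
printf '%s\n' 'PasswordAuthentication no' 'ChallengeResponseAuthentication no' > "$tmp/good"
printf '%s\n' '#PasswordAuthentication no' 'passwordauthentication=yes' 'PasswordAuthentication no' > "$tmp/bad"
for f in good bad; do
    if key_only_auth "$tmp/$f"; then echo "$f: key-only"
    else echo "$f: passwords still accepted"
    fi
done
```

Run `key_only_auth` against the live config and `keys_file_ok` against each account's `.ssh` directory before restarting sshd, so that a rejected key file does not lock you out once passwords are disabled.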




On Feb 4, 2008, at 2:00 PM, Jostein Martinsen-Jones wrote:

Yes, I did change the root password asap!

I would much like to see a configuration snippet on how to use rsa-keys.
Can I use several rsa-keys so I can log in as different users?

2008/2/4, Nathan McBride <[EMAIL PROTECTED]>:
Yup, sure is.  I have set up my vyatta router to only allow rsa keys.
Did you change your root password from 'vyatta'?

Nate

On Mon, 2008-02-04 at 18:13 +0100, Jostein Martinsen-Jones wrote:
> Hi
> I am only using ssh. Is it possible to have rsa-keys for all users,
> including vyatta?
> Maybe the attackers managed to brute force my password?
> This is very annoying since I have to reinstall the machine tomorrow
> and don't know what went wrong. Haven't had time to check the logs
> either.
>
> How does the user configuration look for you other guys and girls?
>
>
> 2008/2/4, Stig Thormodsrud <[EMAIL PROTECTED]>:
>         Hi Jostein,
>
>
>
>         Are you using telnet or ssh to access the box?  Using telnet
>         is not secure from a public network as the username/password
>         is in clear text.
>
>
>
>         stig
>
>
>
>
> ______________________________________________________________
>         From:[EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of
>         Jostein Martinsen-Jones
>         Sent: Monday, February 04, 2008 2:43 AM
>         To: Dave Strydom
>         Cc: vyatta-users@mailman.vyatta.com
>         Subject: Re: [Vyatta-users] Vyatta box hacked?
>
>
>
>
>         Jupp, I think I have an intruder, the ip 202.172.171.217 isn't
>         known to me at all.
>         I am the only one knowing the root password, and I have not
>         logged in those times that last are showing.
>
>         root     pts/0        202.172.171.217  Mon Feb  4 05:21 - 07:38  (02:16)
>         root     pts/0        202.172.171.217  Sat Feb  2 14:54 - 16:05  (01:11)
>         root     pts/0        202.172.171.217  Fri Feb  1 23:51 - 23:57  (00:05)
>         root     pts/0        202.172.171.217  Fri Feb  1 13:49 - 17:18  (03:29)
>
>         How did this happen?
>         I changed all the passwords on install to 8 character long,
>         using numbers and letters.
>         This is from my old config, is plaintext-password supposed to
>         be blank?
>
>         # show system login
>             user root {
>                 authentication {
>                     encrypted-password: "$1$nZxxxxxxsgXC/"
>                     plaintext-password: ""
>                 }
>             }
>             user vyatta {
>                 authentication {
>                     encrypted-password: "$1$yyyyyyyyyyyt0/"
>                     plaintext-password: ""
>                 }
>             }
>
>         2008/2/4, Dave Strydom <[EMAIL PROTECTED]>:
>
>         Login to your router as root and run:
>
>         # last | more
>
>         and see if there are any logins to your machine which you do
>         not recognize.
>
>
>
>         On Feb 4, 2008 12:05 PM, Jostein Martinsen-Jones
>         <[EMAIL PROTECTED]> wrote:
>         > I got mail from another linux user today. He complained about login attempts
>         > to his boxes, from my vyatta router!
>         > Am I haxored or what? This is from his log and the "ip" 12.34.56.78 is my
>         > router.
>         >
>         > Feb  2 18:11:39 88.191.40.120 sshd[30444]: (pam_unix) authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=12.34.56.78  user=root
>         > Feb  2 18:11:40 88.191.40.120 sshd[30444]: Failed password for invalid user root from 12.34.56.78 port 42492 ssh2
>         > Feb  2 18:11:46 88.191.40.120 sshd[30450]: User root from 12.34.56.78 not allowed because not listed in AllowUsers
>         > Feb  2 18:11:46 88.191.40.120 sshd[30450]: (pam_unix) authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=12.34.56.78  user=root
>         > Feb  2 18:11:48 88.191.40.120 sshd[30450]: Failed password for invalid user root from 12.34.56.78 port 42926 ssh2
>         > Feb  2 18:11:54 88.191.40.120 sshd[30456]: User root from 12.34.56.78 not allowed because not listed in AllowUsers
>         > Feb  2 18:11:54 88.191.40.120 sshd[30456]: (pam_unix) authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=12.34.56.78  user=root
>         > Feb  2 18:11:56 88.191.40.120 sshd[30456]: Failed password for invalid user root from 12.34.56.78 port 43408 ssh2
>         > Feb  2 18:11:56 88.191.40.120 sshd[30494]: refused connect from 12.34.56.78 (12.34.56.78)
>         > _______________________________________________
>         > Vyatta-users mailing list
>         > Vyatta-users@mailman.vyatta.com
>         > http://mailman.vyatta.com/mailman/listinfo/vyatta-users
>         >
>         >