How do I gracefully exit/shutdown a "remote" machine?
CLIFFORD ILKAY
clifford_ilkay-biY6FKoJMRdBDgjK7y7TUQ at public.gmane.org
Thu Jul 21 23:07:30 UTC 2005
On July 21, 2005 15:32, James Knott wrote:
> CLIFFORD ILKAY wrote:
> > On July 21, 2005 07:05, Peter wrote:
> >>On Wed, 20 Jul 2005, CLIFFORD ILKAY wrote:
> >>>I disable remote root access on all my machines. How about
> >>>disallowing password auth completely and only allowing key based
> >>>auth? The drawback of that is if I have to ssh into one of my
> >>>machines from a machine which does not have my private key, I
> >>>would have to upload my private key there first, which I do not
> >>>like doing even though it is protected with a strong passphrase.
> >>
> >>Get a disk on key and put putty and ssh statically compiled on
> >> it, along with your keys and minimal tools to use them.
> >
> > I already have that but it does not help when I have to ssh from
> > a remote host to another remote host. How would I plug in this
> > disk on key to a machine in say, Germany, when I am in Toronto so
> > that the machine in Germany could access my private RSA key on
> > the disk on key? Perhaps I could do some sort of remote mount to
> > avoid having to copy my private key onto the remote server.
>
> ?????
>
> When you use a key in ssh, you need the key on the computer you're
> connecting from. You carry that around on the USB disk and plug it
> in when you need it. However, as always, when using those keys,
> you have to place the corresponding key on the server first.
I am aware of that. What if the computer I am connecting from is not
in front of me? A is the computer in front of me. B and C are remote
hosts, one in Belgium and the other in Germany. I connect to B from
A. I need to connect to C from B. B has my pub key on it but not my
private key. C does not accept password auth. I know this can be done
with ssh agent forwarding but I have not investigated it yet to
figure how or even if it can be done in a secure manner. My solution
for now, as imperfect as it is, is to copy my private key to B and
delete it after using it to establish the connection between B and C.
--
Regards,
Clifford Ilkay
Dinamis Corporation
3266 Yonge Street, Suite 1419
Toronto, ON
Canada M4N 3P6
+1 416-410-3326
--
The Toronto Linux Users Group. Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
More information about the Legacy
mailing list