Question about setting up ssh

Walter Dnes waltdnes-SLHPyeZ9y/tg9hUCZPvPmw at public.gmane.org
Sat Jun 12 01:00:06 UTC 2010


On Fri, Jun 11, 2010 at 07:49:24PM -0400, Digimer wrote

> > * set "PasswordAuthentication no" in /etc/ssh/sshd_config on all machines
> 
> This shouldn't be needed. So long as you generated the source 
> user at machine's key RSA keys without a pass-phrase and having the 
> '~/.ssh/id_rsa.pub' keys in your target user at machine's 
> '~/.ssh/authorized_keys' file, the password won't be asked.

  I think you mis-understand that setting.  It's for security.  Setting
it to "no" means that you *CANNOT LOG IN WITH A PASSWORD*; period, end
of story.  The only way in is from a machine with a proper user key.
This entire little LAN is at home behind a NAT'ing router (IPV6 peanut
gallery, please be shut up), but it's good to have that extra layer of
defense.

-- 
Walter Dnes <waltdnes-SLHPyeZ9y/tg9hUCZPvPmw at public.gmane.org>
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists





More information about the Legacy mailing list