I have used "Public key authentication" before, as described by
http://the.earth.li/~sgtatham/putty/0.53b/htmldoc/Chapter8.html#8. The
users' passwords were never enabled on the host. The public key part of a
public/private key pair had to be supplied by each user desiring access to
the host. What bothers me is that root has to have a password. All the
other users are using public key authentication, but poor old root is
just hanging out in the breeze. I could not find a way to turn on
public key authentication for root. I played with /etc/securetty. I
wanted to disable remote access by root but allow another user to use
public key to access the server, then su to root. One problem arises: if
I disable root's password, then the console of the server is useless.
At times a person still has to log on at the server as root, but public
key authentication is not available there. My google searches produced
RFCs, etc., but nothing meaningful.
Has anyone tried this?
Is there too much paranoia here? Should I just be happy that the whole
session for root is encrypted?
Or has someone done this, but I am approaching it in the wrong manner?
Any thoughts or pointers would be appreciated.
Greg Morgan
