Matt Ruzicka wrote:
On Wed, 24 Jan 2007, Gabriel Rossetti wrote:
The user needing to log in is root (I know this is not good and
turned off by default), so I re-enabled root login with ssh but like
I said above, I get a password
prompt when I do : ssh -l root machine2 whoami
Not sure if there is more going on as well, but you might want to set
PermitRootLogin without-password in your sshd_config on the server you
are trying to access. This /should/ give you a bit more security in
that someone won't be able to brute force your root password if I
understand it, but will allow you to login using the sshd keys (if
they are set up properly). Might also check file and directory perms
on .ssh and the different key and authorized_keys2 files involved if
you haven't already, seems perms often bite me..
I have rwx for user and nothing for group and others. Thanks for the
safety tip, I'll do that. I added the -v param to ssh and I found this :
debug1: Remote: Your host 'machine2' is not permitted to use this key
for login.
after playing around with it I found two problems :
1) FreeBSD uses ~/.ssh/authorized_keys and not ~/.ssh/authorized_keys2
like linux
2) I had put :
from=machine1 ssh-rsa [base64 key, eg: ABwBCEAIIALyoqa8]
to limit from where I can login, in my ~/.ssh/authorized_keys and it
doesn't seem to like that (from=machine1 )
any ideas why it doesn't like the 2nd point?
Thanks,
Gabriel
Matt Ruzicka - Senior Systems Administrator
FRII
970-212-0728 [EMAIL PROTECTED]
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
[EMAIL PROTECTED]
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]