For anybody who hasn’t seen it, this is a nice writeup for locking down SSH
https://stribika.github.io/2015/01/04/secure-secure-shell.html
--
Louis Kowolowskilou...@cryptomonkeys.org
Cryptomonkeys: http://www.cryptomonkeys.com/
Some time in the past I lost key authentication when connecting from my
laptop to my server. Password works, but that's sent clear text so I want to
get the server's /etc/ssh/sshd_config correct.
When I try to connect to my server this is the output:
[rshepard@caddis ~]$ ssh -v salmo
Some time in the past I lost key authentication when connecting from my
laptop to my server. Password works, but that's sent clear text so I want
to
get the server's /etc/ssh/sshd_config correct.
When I try to connect to my server this is the output:
[rshepard@caddis ~]$ ssh -v salmo
Hello Rich,
I suspect that something happened to your ~/.ssh/authorized_keys file on
salmo, or you have a different user on salmo than on caddis, or something
happened to your private key on caddis.
To tackle those in the revers order, run this commands on caddis and post
the output here:
ls
On Sat, 7 Feb 2015, Robert Citek wrote:
I suspect that something happened to your ~/.ssh/authorized_keys file on
salmo, or you have a different user on salmo than on caddis, or something
happened to your private key on caddis.
Robert,
Salmo's the server (running sshd) while caddis is the
On 2/7/2015 12:36 PM, Rich Shepard wrote:
-rw-r--r-- 1 root root 242153 Dec 9 18:31 moduli
-rw-r--r-- 1 root root 1574 Mar 27 2014 ssh_config
-rw-r--r-- 1 root root 1574 Feb 7 09:37 ssh_config.works
-rw--- 1 root root668 Nov 8 2010 ssh_host_dsa_key
-rw-r--r-- 1 root root
On Sat, 7 Feb 2015, Russell Senior wrote:
Uh, no. Your password is still encrypted, not plain text. The reason
people prefer keys is that passwords (particularly bad ones) can be
brute-forced. If you *can* use passwords, you are just as vulnerable. If
you allow passwords, pick good ones, and
On 02/07/15 11:38, Rich Shepard wrote:
Some time in the past I lost key authentication when connecting from my
laptop to my server. Password works, but that's sent clear text so I want to
get the server's /etc/ssh/sshd_config correct.
When you use password authentication with ssh, the
On Sat, 7 Feb 2015, Robert Citek wrote:
You should have either the id_dsa* or id_rsa* pair of key files, or both
sets, as I do. The *.pub extension is just the public key portion. If you
do not have either, generate an RSA key pair with this command, accepting
the defaults when prompted:
$
Rich == Rich Shepard rshep...@appl-ecosys.com writes:
Rich [...] Password works, but that's sent clear text so [...]
Uh, no. Your password is still encrypted, not plain text. The reason
people prefer keys is that passwords (particularly bad ones) can be
brute-forced. If you *can* use
On Sat, 7 Feb 2015, Jim Garrison wrote:
Oops, I was unclear in my last email. On salmo the public key goes in
authorized_keys as a single (long) line. This is in ~/.ssh of the user ID
you'll be logging in as.
Jim,
Yeah, it's easy to be ambiguous with ~/.ssh/ :-)
Here's salmo/~/.ssh/
On Sat, 7 Feb 2015, Rich Shepard wrote:
Some time in the past I lost key authentication when connecting from my
laptop to my server. Password works, but that's sent clear text so I want to
get the server's /etc/ssh/sshd_config correct.
Fixed. I mis-moved id_dsa to authorized_keys; when I
On Sat, 7 Feb 2015, Ken Stephens wrote:
Since you have setup you keys. Why not use ssh-copy-id and distribute
them?
Ken,
'Cause only I need to remotely access the network and that's from my
laptop.
Regards,
Rich
___
PLUG mailing list
On Sat, 7 Feb 2015, Jim Garrison wrote:
OK, now in that directory do
mv id_dsa.pub authorized_keys
Nuts! Still get the error message, Permission denied (publickey).
It wasn't this difficult to properly configure ssh years ago when I first
did it; wonder why it's fighting so hard now.
On Sat, 7 Feb 2015, Galen Seitz wrote:
When you use password authentication with ssh, the password is encrypted.
galen,
I thought so, but either a man page or some other doc suggested it was
clear text.
Thanks,
Rich
___
PLUG mailing list
15 matches
Mail list logo