[Sderby] SSH
Clive Jones
sderby at mailman.lug.org.uk
Thu Oct 17 00:00:00 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thursday 17 Oct 2002 12:20 am, Mini Mike wrote:
> The way I understand it, when you connect to an SSH server, it passes you
> the public key to encrypt the information you send to it. you can then log
> onto the server securly. I was thinking of opening port 22 on my server,
> so that I can SSH in from the internet. If I have 22 open, it means that
> people can play the password guessing game. Given that they don't know the
> userID, it will be resonable secure, but I am thinking that if you stop the
> public key from being givem out and manually carry it on a USB flash drive.
The best thing to do in this case is disable userid/password authentication,
and use a private key. Check out the man pages for ssh-keygen, and change
the password athentication to no in your sshd config file. You can then put
your private key on the usb drive or on a floppy. That will give you better
security and is less hassle than changing the way that ssh works.
HTH
C.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE9re9G+prcXMebSWQRAvvzAJ0U+/jYvO373UJELdN0CnsUytTYkwCfSIaB
LhVrEvZfkvcEAnQRxko5oz0=
=bXjk
-----END PGP SIGNATURE-----