[Watford] SSH Questions

Neel Upadhyaya bahulneel at gmail.com
Tue Sep 16 09:39:57 UTC 2008


For general hardening the NIST guidelines are a good start.

Will send a link when I find it.

2008/9/16 Alain Williams <addw at phcomp.co.uk>

> On Tue, Sep 16, 2008 at 10:12:47AM +0100, Mark Stewart wrote:
> > Hi Everyone,
> >
> > Does anyone know how to prevent the use of passwordless ssh keys? I want
> to
> > prevent users authenticating without a password.
> >
> > In fact if anyone know of any ssh policing tools/faqs that would be
> really
> > usefull. I find it simple securing a server, but when you have 100's of
> > linux desktops I'm unsure on the best way to stop users leaving ssh-agent
> > running all the time or using passwordless keys.
> >
> > Discussion/advise appreciated.
>
> I have had a write up about this for some years:
>
>
> http://www.phcomp.co.uk/TechTutorial/HOWTOs/ssh_passwordless_login.php
>
> Comments/suggestions gratefully received.
>
> --
> Alain Williams
> Linux Consultant - Mail systems, Web sites, Networking, Programmer, IT
> Lecturer.
> +44 (0) 787 668 0256  http://www.phcomp.co.uk/
> Parliament Hill Computers Ltd. Registration Information:
> http://www.phcomp.co.uk/contact.php
> Chairman of UKUUG: http://www.ukuug.org/
> #include <http://www.ukuug.org/#include> <std_disclaimer.h>
>
> _______________________________________________
> Watford mailing list
> Watford at mailman.lug.org.uk
> https://mailman.lug.org.uk/mailman/listinfo/watford
>



-- 
MCSE is to computers as McDonalds Certified Chef is to fine cuisine.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.lug.org.uk/pipermail/watford/attachments/20080916/9bac2b1b/attachment.htm 


More information about the Watford mailing list