On Fri, Feb 23, 2007 at 01:49:27PM -0700, Jim wrote:
> > Is there a compelling reason you need password authentication for ssh?
> > It's very easy to generate public keys and use those. You can even keep
> > one on a thumb drive to use if you have to. Then turn OFF password
> > authentication (PasswordAuthentication no) in your sshd_config.
>
> I tried to get this working on my windows box, but haven't been able to
> yet. I changed sshd_config so that sshd listens only on the IP address
> of the nic that's connected only to the windows box.
>
> Hopefully this will make things a bit more difficult for them.
Yes, restricting access to only the IPs that need it is fine, if you
have the option.
As for getting it working on the Windows box - not sure what software
you're using on the Windows side, but I've seen them produce correct
keys, but not formatted the way sshd on the Unix side wants it.
The Windows stuff usually produces a multi-line key, formatted as "ASCII
Armored." To place this in ~/.ssh/authorized_keys on Linux it should be
a single line like "ssh-rsa AAA...9iD= you@domain" but much longer. :)
--
Darrin Chandler | Phoenix BSD Users Group
dwchandler@stilyagin.com | http://bsd.phoenix.az.us/
http://www.stilyagin.com/darrin/ |
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)