Got hacked?
Darrin Chandler
dwchandler at stilyagin.com
Fri Feb 23 14:37:29 MST 2007
On Fri, Feb 23, 2007 at 01:49:27PM -0700, Jim wrote:
> > Is there a compelling reason you need password authentication for ssh?
> > It's very easy to generate public keys and use those. You can even keep
> > one on a thumb drive to use if you have to. Then turn OFF password
> > authentication (PasswordAuthentication no) in your sshd_config.
>
> I tried to get this working on my windows box, but haven't been able to
> yet. I changed sshd_config so that sshd listens only on the IP address
> of the nic that's connected only to the windows box.
>
> Hopefully this will make things a bit more difficult for them.
Yes, restricting access to only the IPs that need it is fine, if you
have the option.
As for getting it working on the Windows box - not sure what software
you're using on the Windows side, but I've seen them produce correct
keys, but not formatted the way sshd on the Unix side wants it.
The Windows stuff usually produces a multi-line key, formatted as "ASCII
Armored." To place this in ~/.ssh/authorized_keys on Linux it should be
a single line like "ssh-rsa AAA...9iD= you at domain" but much longer. :)
--
Darrin Chandler | Phoenix BSD Users Group
dwchandler at stilyagin.com | http://bsd.phoenix.az.us/
http://www.stilyagin.com/darrin/ |
More information about the PLUG-discuss
mailing list