Re: Securing SSH

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Tim Alberts wrote:

I got keys setup so I know I'm talking to my server.

This is probably not what he meant. You can use a key pair to authenticate with the SSH server and turn off password authentication entirely. That makes password guessing attacks utterly impossible, because the server will only accept a response signed with your private key.

ssh-keygen -t rsa

or

ssh-keygen -t dsa

generates a key pair. Do this on your local machine, and append the contents of your $HOME/.ssh/id_rsa.pub (or id_dsa if you chose DSA instead of RSA) to your $HOME/.ssh/authorized_keys file on the remote system.

This method is somewhat more complicated to setup, since all users must have public keys in their $HOME/.ssh/authorized_keys file, or they can't login.

Regards
Ingemar
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux