John,
>Date: Wed, 28 Mar 2007 16:00:00 +0100 (BST)
>From: "John O'Loughlin" <j.oloughlin@xxxxxxxxxx>
>
>I'm not sure what you mean by parallel, but there is no relationship
>between your standard password and the key pair you generate.
>
>password aging does not affect your keys.
>
Okay... so I'm a bit lost - how can you log onto a box without using your real password, the one that you're prompted for if you don't use the ssh key pair? Does PAM's sshd authentication, which points to system-auth, not get pulled in for validation?
mark
>John
>
>On Wed, 28 Mar 2007, m.roth2006@xxxxxxx wrote:
>
>> So, here's one for the assembled knowledge base here:
>> if I use ssh-keygen to create a key pair, and put the public key on the remote box, so that I can ssh in without being prompted for a password, this leaves me confused about a couple of things:
>> 1) is the ssh key pair in parallel to the real password
>> for the account? That is, if I create a keypair and
>> use either no passphrase, or some password other
>> than my actual password for the account, does ssh
>> go *around* the standard authentication?
>> 2) since the remote box ages passwords, does PAM know
>> that I'm using an ssh key pair, and age *them*,
>> or do I merely have to change my real password in
>> a timely manner, but don't have to regen a new
>> ssh key pair?
>>
>> Thanks in advance.
>>
>> mark
>>
>> --
>> redhat-list mailing list
>> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
>> https://www.redhat.com/mailman/listinfo/redhat-list
>>
>
>--
>redhat-list mailing list
>unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
>https://www.redhat.com/mailman/listinfo/redhat-list
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
