Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: publickey/password login

from [Coleman Kane] Network Security [Permanent Link]
Subject: Re: publickey/password login
Date: Tue, 19 Apr 2005 21:07:23 +0000 
On Tue, Apr 19, 2005 at 04:56:17PM +0200, Daniel Gerzo wrote:

Naskladane pomutovane bunky Coleman,

Tuesday, April 19, 2005, 12:56:06 AM, si napisal:


On Mon, Apr 18, 2005 at 07:54:47AM +0200, David E. Meier wrote:

Hi list, just a short question:

Is it possible to configure sshd (SSH-1.99-OpenSSH_3.5p1 on RH 9) to limit
the root user to login using a publickey only while other system user
still can login at the password prompt?

Dave






You could put an invalid character in root's password field (disabling 
password logins)
like * or !. Then you could install public keys in .ssh/authorized_keys. 
Make sure
PermitRootLogin is enabled. That is how I've done that exact thing in the 
past.


if he would do so, he won't be able to log in as root from local
console anymore, so this isn't the best way how to do so.

Dave: please, follow steps which were sent by others...


--
coleman


-- 
Sincerely,

+----------==/\/\==----------+       (__)      FreeBSD
|  DanGer <danger@rulez.sk>  |    \\\'',)      The
| DanGer@IRCnet ICQ261701668 |      \/  \ ^    Power
|   http://danger.rulez.sk   |      .\._/_)    To
+----------==\/\/==----------+                 Serve


I agree, I was not aware of the without-password flag to PermitRootLogin.
Most machines I admin, I do not log in as root. I always just use sudo. Thus,
this solution worked for my experience.

--
coleman
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: X11 Forwarding, Foster, Dale
Next by Date:  RE: X11 Forwarding, Christ, Bryan
Previous by Thread:  Re[2]: publickey/password login, Daniel Gerzo
Next by Thread:  Re: publickey/password login, Jeff Rosowski
Indexes:  [Date] [Thread] [Top] [All Lists]