Comments on: SSH without authentication or share ssh connection http://midnight-cafe.co.uk/linux/ssh-without-authentication-or-share-ssh-connection/ Sun, 05 Feb 2012 22:55:01 +0000 http://wordpress.org/?v=2.6.2 By: Torgny Bjers http://midnight-cafe.co.uk/linux/ssh-without-authentication-or-share-ssh-connection/#comment-53 Torgny Bjers Tue, 11 Nov 2008 16:21:50 +0000 http://midnight-cafe.co.uk/?p=294#comment-53 hilbert00: In this specific case he's logging in with a root account. If you have root access to the server to begin with, why would you not just enable public key authentication in the SSH server? hilbert00: In this specific case he’s logging in with a root account. If you have root access to the server to begin with, why would you not just enable public key authentication in the SSH server?

]]> By: hilbert00 http://midnight-cafe.co.uk/linux/ssh-without-authentication-or-share-ssh-connection/#comment-51 hilbert00 Mon, 10 Nov 2008 17:28:20 +0000 http://midnight-cafe.co.uk/?p=294#comment-51 Thanks Torgny, I'm extensively using public keys to login remote computers, but there are some cases in which this is not possible, mainly: -> When the server disable this kind of authentication -> And when the login is also doing a kerberos authentication for the AFS environment. In these cases having the shared connection can be useful. Can you better detail which are these security issues involved? thanks again Thanks Torgny, I’m extensively using public keys to login remote computers, but there are some cases in which this is not possible, mainly:

-> When the server disable this kind of authentication
-> And when the login is also doing a kerberos authentication for the AFS environment.

In these cases having the shared connection can be useful. Can you better detail which are these security issues involved?

thanks again

]]> By: Torgny Bjers http://midnight-cafe.co.uk/linux/ssh-without-authentication-or-share-ssh-connection/#comment-50 Torgny Bjers Mon, 10 Nov 2008 16:07:52 +0000 http://midnight-cafe.co.uk/?p=294#comment-50 There are a lot of security reasons for not using this method. I would recommend using public key authentication instead. I found this seemingly good how-to on Google, I am sure you could find more if you needed to: sial.org/howto/openssh/publickey-auth/ There will be no need to enter a password except if you create one for the private key. As long as you do not distribute the private part of the key it will be as secure as it gets. There are a lot of security reasons for not using this method. I would recommend using public key authentication instead. I found this seemingly good how-to on Google, I am sure you could find more if you needed to:

sial.org/howto/openssh/publickey-auth/

There will be no need to enter a password except if you create one for the private key. As long as you do not distribute the private part of the key it will be as secure as it gets.

]]> By: hilbert00 http://midnight-cafe.co.uk/linux/ssh-without-authentication-or-share-ssh-connection/#comment-49 hilbert00 Mon, 10 Nov 2008 15:04:37 +0000 http://midnight-cafe.co.uk/?p=294#comment-49 Very interesting, are there any security issues in doing so? Very interesting, are there any security issues in doing so?

]]> By: Angelo http://midnight-cafe.co.uk/linux/ssh-without-authentication-or-share-ssh-connection/#comment-54 Angelo Mon, 10 Nov 2008 10:18:30 +0000 http://midnight-cafe.co.uk/?p=294#comment-54 Torgny You can use this trick for all type of users it is not necessary that user must be root. In case of user other than root you will have to upload config file in .ssh directory of particular user i have mentioned it in post. Also it is helpful when you accessing server from such machine where you don't have private key. Torgny
You can use this trick for all type of users it is not necessary that user must be root. In case of user other than root you will have to upload config file in .ssh directory of particular user i have mentioned it in post.

Also it is helpful when you accessing server from such machine where you don’t have private key.

]]>