-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thursday 02 October 2003 03:35 pm, Matt Miller wrote:
> Simply enable PubkeyAuthentication only (disable PasswordAuthentication),
> setup rsa/dsa keys for root (protect with a passphrase), and add the pubkey
> to authorized_keys. Without the private key, no one can remotely ssh as
> root to your box.
Errr, I should clarify more. Keys are setup to be used for root. In other
words, user jsmith generates keys (if they already haven't), and copy/append
their id_dsa.pub or id_rsa.pub to /root/.ssh/authorized_keys.
Without jsmith's private key, no one would be able to ssh as root on that box.
- --
Matt Miller
Senior Sun Engineer
WellCare
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQE/fIPmIomZUAi8ewYRAuAlAKCm9bjkdLGjw9kOsz4fJZx7OC1CkQCcCOxy
SEJMnzI0Pofj4ciB6AF6CWA=
=0OPP
-----END PGP SIGNATURE-----
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 19:47:42 EDT