More Linux Remote Networking Tips and Tricks (part 2) - page 2
Setting It Up
Next, make sure that /etc/ssh/sshd_config on the server has these lines:
RSAAuthentication yes
PubkeyAuthentication yes
If you need to change /etc/ssh/sshd_config, restart the SSH daemon after you save your changes:
# /etc/init.d/ssh restart
Digg
del.icio.us
Slashdot
DZone
Reddit
StumbleUpon
Facebook
FriendFeed
Furl
Newsvine
Google
LinkedIn
MySpace
Technorati
Twitter
Windows Live
YahooBuzzNow try logging in with the new key:
[carla@localhost .ssh]$ ssh -i id_remotepc alrac@remotepc
Last login: Wed Oct 21 09:06:59 2009 from 192.168.2.131
alrac@remotepc:~$
Hurrah, it works. Password logins are still enabled; to restrict logins to public key logins only, disable password logins by editing /etc/ssh/sshd_config with these lines:
ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no
Then restart the SSH server:
# /etc/init.d/ssh restart
And test password logins once more:
# [carla@localhost .ssh]$ ssh alrac@remotepc
Permission denied (publickey).
|
Other Stories on LinuxPlanet
|
Very good, now only public key authentication works. You may use both if you prefer; you don't have to choose one or the other. Usually on the LAN users want more openness rather than more restrictions, and then using public key authentication is a nice convenience because you can grant access to more users without giving them system account passwords, or streamline your own SSH-surfing. Remote logins over the Internet definitely need to be more locked-down, so we'll learn how to do that in Part 3.
Doing All This Without Moving
You can do all this without ever leaving your chair, if you have SSH already enabled on your computers. Suppose you are sitting at Computer A, and follow the steps in this article to log in from Computer B. You can then log remotely into Computer B to allow logging in from Computer A. And so on. You can even restart OpenSSH without getting disconnected.
Carla Schroder is the author of the Linux Cookbook and the Linux Networking Cookbook (O'Reilly Media), the upcoming "Build a Digital Recording Studio with Audacity" (NoStarch Press), a lifelong book lover, and the managing editor of LinuxPlanet and Linux Today.
- Skip Ahead
- 1. Setting It Up
- 2. Setting It Up
Solid state disks (SSDs) made a splash in consumer technology, and now the technology has its eyes on the enterprise storage market. Download this eBook to see what SSDs can do for your infrastructure and review the pros and cons of this potentially game-changing storage technology.
