[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: morphing topic: RE: paypal scam - tracing link

From: Rick Stevens <rstevens vitalstream com>
To: Getting started with Red Hat Linux <redhat-install-list redhat com>
Subject: Re: morphing topic: RE: paypal scam - tracing link
Date: Mon, 30 Oct 2006 17:12:07 -0800

On Mon, 2006-10-30 at 17:00 -0800, Bob Kinney wrote:
> 
> --- Rick Stevens <rstevens vitalstream com> wrote:
> 
> > On Mon, 2006-10-30 at 15:44 -0800, Bob Kinney wrote:
> > > 
> > > --- A Fadyushin it-centre ru wrote:
> > > 
> > > > 
> > > > 6) If you are using SSH you can completely disable SSH password
> > > > authentication and use keys (protected by password on your local
> > > > workstation) to log in. In this case it would be impossible to guess you
> > > > password by attempting to login into server via SSH. In this case the
> > > > server does not use the password for authentication and the key
> > > > protection password newer exists outside your workstation.
> > > 
> > > 
> > > I like this idea--minimum 128-bit "passwords".  Can you point to a 
> > > how-to link?
> > 
> > Simply generate a DSA or RSA key on your local machine:
> > 
> > 	$ ssh-keygen [-t dsa]
> > 
> > By default, ssh-keygen creates a RSA keys.  Then tack the contents of
> > the ~/.ssh/id_dsa.pub (or id_rsa.pub) file to the end of the
> > "~./ssh/authorized_keys" file on the destination machine.
> > 
> > You can then turn off password authentication on the target machine and
> > it'll only use the keys in the authorized_keys file.
> 
> 
> So how would I "carry," and "input," my public key for remote login?

Put it on a small flash disk.  I carry a little USB 128MB flash disk on
my keychain ($4.95) that has my DSA key on it.  I use

	ssh -i /path/to/flashcard/id_dsa

to access it.  A typical DSA key looks like:

ssh-dss AAAAB3NzaC1kc3MAAACBAPs7QxxxxxxxxW6GPKzm18ITO08NtyuwdtwA
+Z7beYeBiyyBCqtlvYgPcZztzD4
+85vJkhuLKKyL0MfIunsmG/SwyuHh78vJyGAyUpaZCupBtppnfxrSXiCh/uJpHyGLT2veS3S5zY5P9e8br4AMBM2SPbmGCuYrCFjt0+t642shAAAAFQCoOMkiuY80x0LR5cgpAt2fvVHUYQAAAIB65hFF/7wYXZmCIloYpWDaBNa71FAbWTUy5vDh4OJGjyK7sEg2FfXtiHJZappSgLF75Q18OCaVlhaOjq50OMu6duaFuCSRusY73K+181z3P114FXS3gd4DeVqyNcUGetzFjC+Y7mojWy6AdjbuiX1+hFwgRg4XWsZRl3322yk5JgAAAIBlE8Q/gAOy/6nuBJryUBCcpONvCDZT+2kdy+KoOzKh6uXJkRdJRHENUA26tZcKXX3LxaBagMC4S15MwOH3M90NEEnHx55RfvSTMs9SF/EQcHnfsDJUtrhlOeMfmlkq5crhBMEx8BMmTQaZQQ4fjcMaz6F4uXu7evdvHFipx119ag== root nprophead corp publichost com

(all on one line, of course).  You can also passphrase protect the key
when you generate it if you wish, and the above command will ask you for
the passphrase when you try to use it.

----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer     rstevens vitalstream com -
- VitalStream, Inc.                       http://www.vitalstream.com -
-                                                                    -
-      Always remember you're unique, just like everyone else.       -
----------------------------------------------------------------------

Follow-Ups:
- Re: morphing topic: RE: paypal scam - tracing link
  - From: Bob Kinney

References:
- Re: morphing topic: RE: paypal scam - tracing link
  - From: Bob Kinney

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]