[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: SSH authenticate root and nonroot user

From: Stuart Sears <stuart sjsears com>
To: redhat-list redhat com
Subject: Re: SSH authenticate root and nonroot user
Date: Tue Feb 3 06:53:04 2004

On Tuesday 03 Feb 2004 11:41, diego veiga embraer com br wrote:
> Hi guys,
>
> I would like to configure ssh for root only authenticate with public key
> and nonroot user authenticate with user and password.
> How can I do this?
as root:
ssh-keygen -t dsa
then copy the resulting key (/root/.ssh/id_dsa.pub) to the destination machine 
as
/root/.ssh/authorised_keys

if you want to set no passphrase you may do so, but I _strongly_ recommend you 
do not. This is host-based authentication - anyone who can get access to your 
system as root can ssh without a password to any destination machine with 
this key on it - lose your laptop, give up all your security.
Alternatively, set passphrases and use ssh-agent and ssh-add to manage your 
keys - one password per session, keys held in memory.
incidentally, you can do this as normal users too - just create the key as the 
user you wish to ssh as...

Stuart
--
Stuart Sears RHCE/RHCX

References:
- SSH authenticate root and nonroot user
  - From: diego . veiga

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]