sshd question
Daniel Molina Wegener
dmw at unete.cl
Fri Jan 20 13:25:40 PST 2006
On Thu, Jan 19, 2006 at 05:41:41PM -0900,
Beech Rintoul wrote:
> I'm trying to set up ssh to use keys to authenticate on
> a remote server. I've always used passwords in the past.
> I generated a key pair and exported my public key to
> ~/.ssh/authorized_keys on the remote machine. I changed
> sshd_config to "PasswordAuthentication no". when I login the
> remote machine still asks for a password. What do I change to
> just use the key to log in?
Well, that's right, but you must set also the next options:
ChallengeResponseAuthentication no
PermitEmptyPasswords no
PasswordAuthentication no
IgnoreRhosts yes
IgnoreUserKnownHosts yes
HostbasedAuthentication no
RhostsRSAAuthentication no
PubkeyAuthentication yes
PermitRootLogin no
StrictModes yes
This could be more secure. Never allow remote users to gain
root access. Instead, put a user in the wheel group to allow
this user to run su(1), also, you can setup a user with uid =
0, on another group to maintain the root user a little bit more
safe.
Also, the logging options are should be these settings.
SyslogFacility AUTH
LogLevel VERBOSE
> Thanks,
Best regards...
Atte.
--
. 0 . | Daniel Molina Wegener
. . 0 | dmw at unete dot cl
0 0 0 | FreeBSD Power User
More information about the freebsd-questions
mailing list