morphing topic: RE: paypal scam - tracing link
Rick Stevens
rstevens at vitalstream.com
Tue Oct 31 00:40:19 UTC 2006
On Mon, 2006-10-30 at 15:44 -0800, Bob Kinney wrote:
>
> --- A.Fadyushin at it-centre.ru wrote:
>
> >
> > 6) If you are using SSH you can completely disable SSH password
> > authentication and use keys (protected by password on your local
> > workstation) to log in. In this case it would be impossible to guess you
> > password by attempting to login into server via SSH. In this case the
> > server does not use the password for authentication and the key
> > protection password newer exists outside your workstation.
>
>
> I like this idea--minimum 128-bit "passwords". Can you point to a
> how-to link?
Simply generate a DSA or RSA key on your local machine:
$ ssh-keygen [-t dsa]
By default, ssh-keygen creates a RSA keys. Then tack the contents of
the ~/.ssh/id_dsa.pub (or id_rsa.pub) file to the end of the
"~./ssh/authorized_keys" file on the destination machine.
You can then turn off password authentication on the target machine and
it'll only use the keys in the authorized_keys file.
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com -
- VitalStream, Inc. http://www.vitalstream.com -
- -
- "You think that's tough? Try herding cats!" -
----------------------------------------------------------------------
More information about the Redhat-install-list
mailing list