ssh allowing root login with no password (Solved)

Wed May 11 08:41:17 UTC 2011

> -----Original Message-----
> From: redhat-list-bounces at redhat.com [mailto:redhat-list-
> bounces at redhat.com] On Behalf Of Steven Buehler
> Sent: 10 May 2011 19:59 PM
> To: 'General Red Hat Linux discussion list'
> Subject: RE: ssh allowing root login with no password (Solved)
> 
> 
> 
> > -----Original Message-----
> > From: redhat-list-bounces at redhat.com [mailto:redhat-list-
> > bounces at redhat.com] On Behalf Of m.roth at 5-cent.us
> > Sent: Tuesday, May 10, 2011 10:28 AM
> > To: General Red Hat Linux discussion list
> > Subject: RE: ssh allowing root login with no password (Solved)
> >
> > Steven Buehler wrote:
> > <snip>
> > > Strangest thing I ever saw.  The problem is solved.  The private
> key
> > > is the key that I installed into my SecureCRT.  If I log into the
> > > server with that key from SecureCRT, then login to my private
> server
> > > and try to ssh
> > to the
> > > server where the public key is installed from my private server
> that
> > > is in a different tab in SecureCRT, it uses the private key on my
> > > local Windows7 laptop.  I have never seen this before.
> >
> > Question: how do the other machines do authentication? Could it be
> that
> > you go to log in, and it authenticates you from a root server?
> >
> >         mark
> >
> 
> No, this is the first time I have ever run across this.  After some
> testing,
> the only thing I can come up with is that once I log in with SecureCRT
> to
> the server, I can open other tabs in SecureCRT to other servers and it
> will
> use the private key that I have saved in my SecureCRT.  This issue does
> not
> happen if I use putty.
> 

What you are talking about is called SSH agent/key forwarding which SecureCRT
supports and makes use of by default (See Connecton -> SSH2 -> Advanced -> 
Enable OpenSSH Agent Forwarding in your session properties). Have a look at
the (-A -a) options in man ssh and the ForwardAgent option in man ssh_config.
Putty has a similar feature but it is not enabled by default (see pagent)

Regards,

-- 
Andre Dill

DISCLAIMER: This email and any files transmitted with it are confidential to DataCash Group plc and its group companies. It is intended only for the person to whom it is addressed. If you have received this email in error, please forward it to info at datacash.com with the subject line.If you are not the intended recipient you must not use, disclose, copy, print, distribute or rely on this email or any transmitted files. DataCash Ltd is registered in England and Wales no. 3430157. DataCash Ltd is part of the DataCash Group plc. DataCash Group plc is registered in England and Wales no. 3168091. DataCash Ltd and DataCash Group plc registered address is Descartes House, 8 Gate Street, London, WC2A 3HP, United Kingdom. 

Save a tree...Please only print this page if essential 