castanyes blaves

Random ramblings about some random stuff, and things; but more stuff than things -- all in a mesmerizing and kaleidoscopic soapbox-like flow of words.

12/22/2005

 
nice simple ssh tip in latest Redhat magazine

# Create a file in the user's home directory named .shosts with at least one entry:

clienthostname.clientdomain.com username

This file must be read/write for this user only:

# chown username:username ~username/.shosts

# chmod 600 ~username/.shosts

# Edit the /etc/ssh/sshd_config file and add the following options:

HostbasedAuthentication yes

IgnoreRhosts no

# Run the command:

# ssh-keyscan -t dsa clienthostname >> /etc/ssh/ssh_known_hosts

(for dsa encryption)

Restart the SSH server:

# service sshd restart

On the client:

# Edit the /etc/ssh/ssh_config file and under Host *, add the following options:

HostbasedAuthentication yes

EnableSSHKeysign yes


posted by avilella  # 9:40 AM
Comments: Post a Comment

Subscribe to Post Comments [Atom]





<< Home

Archives

200409   200412   200501   200502   200503   200504   200505   200506   200507   200508   200509   200510   200511   200512   200601   200602   200603   200604   200605   200606   200607   200608   200609   200610   200611   200612   200701   200702   200703   200704   200705   200707   200708   200709   200710   200711   200712   200801   200802   200803   200804   200805   200806   200807   200808   200809   200810   200811   200812   200901   200902   200903   200904   200905   200906   200907   200908   200909   200912   201001   201002   201003   201004   201007   201009   201011   201102  

This page is powered by Blogger. Isn't yours?

Subscribe to Posts [Atom]