RE: ssh and keys
- From: "Oluwagbenga Shobowale" <gshobowale@xxxxxxxxxxxxxxxx>
- Date: Wed, 28 Mar 2007 17:20:39 +0100
John,
I think you have missed the point for ssh...
It is just a terminal you use in connecting remotely to a box just like
telnet, the difference is that the traffic between the remote location
and your box is encrypted...hence it is this encryption that the keys
are used for. Hence to get access to the box you would still require the
account that was created for you to logon with. This is where pam comes
in..to authenticate who you are...
-----Original Message-----
From: redhat-list-bounces@xxxxxxxxxx
[mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of m.roth2006@xxxxxxx
Sent: Wednesday, March 28, 2007 5:08 PM
To: General Red Hat Linux discussion list
Subject: Re: ssh and keys
John,
Date: Wed, 28 Mar 2007 16:00:00 +0100 (BST)Okay... so I'm a bit lost - how can you log onto a box without using
From: "John O'Loughlin" <j.oloughlin@xxxxxxxxxx>
I'm not sure what you mean by parallel, but there is no relationship
between your standard password and the key pair you generate.
password aging does not affect your keys.
your real password, the one that you're prompted for if you don't use
the ssh key pair? Does PAM's sshd authentication, which points to
system-auth, not get pulled in for validation?
mark
Johnthe remote box, so that I can ssh in without being prompted for a
On Wed, 28 Mar 2007, m.roth2006@xxxxxxx wrote:
So, here's one for the assembled knowledge base here:
if I use ssh-keygen to create a key pair, and put the public key on
password, this leaves me confused about a couple of things:
1) is the ssh key pair in parallel to the real password
for the account? That is, if I create a keypair and
use either no passphrase, or some password other
than my actual password for the account, does ssh
go *around* the standard authentication?
2) since the remote box ages passwords, does PAM know
that I'm using an ssh key pair, and age *them*,
or do I merely have to change my real password in
a timely manner, but don't have to regen a new
ssh key pair?
Thanks in advance.
mark
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
- Follow-Ups:
- RE: ssh and keys
- From: John O'Loughlin
- RE: ssh and keys
- Prev by Date: Re: ssh and keys
- Next by Date: RE: ssh and keys
- Previous by thread: Re: ssh and keys
- Next by thread: RE: ssh and keys
- Index(es):
Relevant Pages
|
