Re: host keys authentication



From: redhat-list-bounces@xxxxxxxxxx
[mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Johan Booysen
Sent: 20 March 2008 08:58
To: General Red Hat Linux discussion list
Subject: host keys authentication

I have an FTP server using SSH for secure file uploads/downloads. Users
are chrooted into their home directories, and it works very well.

Now we have the requirement that a client wants to upload/download via
some or other automated process or script, so I need to work out how to
do that via host keys or something similar. I understand generating
keys using ssh-keygen, and so on, but I'm not sure of the specifics of
allowing a user or machine on the client side to automatically
authenticate using public keys, and making sure that they are then still
chrooted into their home folder on the FTP server.

Can anyone point me in the right direction? I've been googling it, but
haven't really hit upon a good source of information for this kind of
setup yet.


Are you saying the client is going to be using SFTP and/or SCP and you would like to use Public Key Authentication (PKA) with no password? Or are you trying to use FTP/s or something entirely different? What are the clients, and what are the client platforms that will need to be supported?

If you are trying to implement SFTP/SCP with PKA, you might take a look at http://www.pizzashack.org/rssh/ or http://olivier.sessink.nl/jailkit/. I successfully implemented both for setting up accounts for SFTP/SCP-only access along with PKA for password-less logins.




