User: Password:
Subscribe / Log in / New account

SSH: passwords or keys?

SSH: passwords or keys?

Posted Jan 14, 2010 16:22 UTC (Thu) by dps (subscriber, #5725)
Parent article: SSH: passwords or keys?

One option I would like but is not apparently currently implemented would be one that insists on particular host keys. You probably only want access to serious bastion hosts from a few hosts. Stealing a host private key would normally require at least root access.

If you can run arbitrary code as me you can probably extract ssh private keys from the memory of the ssh agent process. If you want extra security then it would be possible to implement a scheme involving a SMS message which contains information required to log in.

Where I live receiving a mobile call or text message is free.

(Log in to post comments)

SSH: passwords or keys?

Posted Jan 14, 2010 19:26 UTC (Thu) by kamil (subscriber, #3802) [Link]

Not exactly what you asked for, but it is possible to restrict access to a list of hostnames/ip addresses using the "from" option in authorized_keys; see sshd(8).

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds