Date: Fri, 20 Jan 2006 18:27:41 -0300 From: Daniel Molina Wegener <dmw@unete.cl> To: Beech Rintoul <akbeech@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: sshd question Message-ID: <20060120212741.GA988@dmw.hopto.org> In-Reply-To: <200601191741.58953.akbeech@gmail.com> References: <200601191741.58953.akbeech@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Jan 19, 2006 at 05:41:41PM -0900, Beech Rintoul wrote: > I'm trying to set up ssh to use keys to authenticate on > a remote server. I've always used passwords in the past. > I generated a key pair and exported my public key to > ~/.ssh/authorized_keys on the remote machine. I changed > sshd_config to "PasswordAuthentication no". when I login the > remote machine still asks for a password. What do I change to > just use the key to log in? Well, that's right, but you must set also the next options: ChallengeResponseAuthentication no PermitEmptyPasswords no PasswordAuthentication no IgnoreRhosts yes IgnoreUserKnownHosts yes HostbasedAuthentication no RhostsRSAAuthentication no PubkeyAuthentication yes PermitRootLogin no StrictModes yes This could be more secure. Never allow remote users to gain root access. Instead, put a user in the wheel group to allow this user to run su(1), also, you can setup a user with uid = 0, on another group to maintain the root user a little bit more safe. Also, the logging options are should be these settings. SyslogFacility AUTH LogLevel VERBOSE > Thanks, Best regards... Atte. -- . 0 . | Daniel Molina Wegener . . 0 | dmw at unete dot cl 0 0 0 | FreeBSD Power User
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060120212741.GA988>