Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 11 May 2003 11:30:00 +0100
From:      Scott Mitchell <scott+freebsd@fishballoon.org>
To:        Daniela <dgw@liwest.at>
Cc:        Kirill Pisman <anyher@ngs.ru>
Subject:   Re: Why is port 22 open by default?
Message-ID:  <20030511103000.GB8616@tuatara.fishballoon.org>
In-Reply-To: <200305110041.39601.dgw@liwest.at>
References:  <20030509000921.P66401-100000@alpha.yumyumyum.org> <200305101108.13319.dgw@liwest.at> <20030510122815.F79934@ndhn.yna.cnyserzna.pbz> <200305110041.39601.dgw@liwest.at>

next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, May 11, 2003 at 12:41:39AM +0000, Daniela wrote:
> Just one question: Why isn't rsa/dsa key authentication the default?
> Is it hard to set up? Are there other drawbacks?

Public key authentication should be enabled by default.  Once you have all
the right keys in the right places it should just work, then you can turn
off password-based authentication.

It's not really hard to set up, but there's several steps so it's easy to
mess up the first time you try it.  Googling for 'ssh public key setup'
finds various pages that will walk you through the whole process.  Remember
that the public key stays on the server, while the private key needs to be
distributed to clients, which might seem backwards at first.  And make sure
you choose a good passphrase to secure the private key!

	Scott

-- 
===========================================================================
Scott Mitchell           | PGP Key ID | "Eagles may soar, but weasels
Cambridge, England       | 0x54B171B9 |  don't get sucked into jet engines"
scott at fishballoon.org | 0xAA775B8B |      -- Anon



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030511103000.GB8616>