
Re: SSH and RSA




Duane Powers wrote:

> Hi all,
>
> Recently I was made administrator over a dozen Solaris boxen <heh>
> The prior admin was offsite and used ssh with rsa keys to access the boxes.
> He allowed root login, and used the RSA key functionality to keep the root
> password safe.
> I am not as mature as he was regarding ssh <newbie> and have only used
> ssh as a plug in replacement to telnet, <I tend to not set a different
> p/w during
> ssh-keygen> and simply access the boxes as follows: ssh -l <me> <hostname>
> then I login using the normal p/w that is local to the box. I have found
> that he did
> not need to transmit the local password over the tunnel, but rather used
> RSA to
> verify his identity, but I can't find documentation on how to do it.
> <man ssh, man ssh-agent, man ssh-add, Practical UNIX & Internet
> Security> does anyone have any information on how I can implement the
> same safeguards? Or where I can at least find some documentation on
> practical ssh implementation.

>
> As always, You guys are great, thanks in advance for the help,

Some notes: this example is done with OpenSSH
from a Debian/GNU Linux Box to a Sun Enterprise 250 running Solaris 8,
SSH Protocol Version 1.5.
If you need it I can send you an example with Protocol Version 2.

[me@localbox ]$ ssh-keygen
[me@localbox ]$ cd ~/.ssh
[me@localbox ]$ scp identity.pub root@remotebox:/.ssh/me@localbox.pub
[me@localbox ]$ ssh -l root remotebox
[root@remotebox]$ cd ~/.ssh
[root@remotebox]$ pwd
/.ssh
[root@remotebox]$ cat me@localbox.pub >> authorized_keys
[root@remotebox]$ exit
[me@localbox ]$ ssh -l root remotebox

Now enter the passphrase you used when you created your keys with ssh-keygen and that's it :-)


greets Doc aka. Uwe A. P. Wuerdinger
--
X-Tec GmbH
Institute for Computer and Network Security
WWW : http://www.x-tec.de/
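
Added example (not part of the original message and not the poster's code): the append step from the session above as an idempotent shell function that also sets the file modes sshd's StrictModes check expects. The helper names install_pubkey and loose_perms and the key line in the demo are assumptions constructed for illustration.

```shell
#!/bin/sh
# Idempotent form of "cat me@localbox.pub >> authorized_keys".
# install_pubkey and loose_perms are hypothetical helper names.

# Print every given path that is group- or world-writable; sshd with
# StrictModes enabled refuses key files and directories in that state.
loose_perms() {
    for p in "$@"; do
        find "$p" -prune \( -perm -020 -o -perm -002 \) -print
    done
}

# install_pubkey PUBKEY_FILE SSH_DIR
install_pubkey() {
    pub=$1 dir=$2 auth=$2/authorized_keys
    [ -r "$pub" ] || { echo "cannot read $pub" >&2; return 1; }
    # Refuse private-key files (both the protocol 1 and PEM headers contain
    # "PRIVATE KEY") and anything that is not exactly one line.
    if grep -q 'PRIVATE KEY' "$pub" || [ "$(grep -c '' "$pub")" -ne 1 ]; then
        echo "$pub does not look like a single public key" >&2
        return 1
    fi
    # Create the directory and file without group/other access.
    ( umask 077; mkdir -p "$dir"; touch "$auth" ) || return 1
    chmod 700 "$dir" && chmod 600 "$auth" || return 1
    # Append only if the exact key line is not already present; the
    # printf guarantees the entry ends with a newline.
    grep -qxF -f "$pub" "$auth" || printf '%s\n' "$(cat "$pub")" >> "$auth"
    # Succeed only if nothing is left group- or world-writable.
    [ -z "$(loose_perms "$dir" "$auth")" ]
}

# Demo in a scratch directory with a constructed, non-functional key line.
demo=$(mktemp -d)
echo 'ssh-rsa AAAACONSTRUCTEDKEYDATA me@localbox' > "$demo/identity.pub"
install_pubkey "$demo/identity.pub" "$demo/.ssh"
install_pubkey "$demo/identity.pub" "$demo/.ssh"   # second run adds nothing
echo "entries: $(grep -c '' "$demo/.ssh/authorized_keys")"
rm -rf "$demo"
```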



