Re: SSH Blocking
On Mon, Apr 25, 2005 at 02:26:04PM -0700, Beretta wrote:
> If you want to elimintate the possibility that one of these scans and/or login
> attempts will eventually succeed (unlikely if you use good passwords), then
> disable root login to ssh and disable password based logins.
That would work great for me right now -- when I'm using my
laptop and I have my laptop's public key in
~/.ssh/authorized_keys on all the remote servers I care
about. But what do I do when I come to a new machine and
want to log into the server? I need to get the public key up
there somehow. So presumably I'd have to
1) scp the new machine's public key to a machine that's
already in authorized_keys;
2) ssh to the pre-authorized machine;
3) scp the new machine's public key to the server from the
pre-authorized machine;
4) ssh from the pre-authorized machine to the server;
5) copy the new machine's public key into authorized_keys;
6) log out of the server;
7) log out of the pre-authorized machine.
Is there a faster way to make this happen?
All of that depends upon always having some remote machine
available that's in the server's authorized_keys file. That
seems risky to me: I'm out on a job and I find that my
server at home needs me to sign into it, but I'm stuck
without a machine from which I can do so.
How do we get around that?
--
Stephen R. Laniel
steve@laniels.org
+(617) 308-5571
http://laniels.org/
Reply to: