sshd sans etre root
Bonjour,
tout d'abord merci pour les reponses que j'ai eu sur mon probleme de sshd sans
etre root.
D'apres le bouquin "ssh the secure shell" de chez o'reilly chapitre 5.2.2 :
"Any user can run sshd [...] A server run by an ordinary user has some
disadvantages : It runs under the uid of the ordinary user, not root, so it
can connect only to that user's account"
Voila ce que j'ai fait (sous l'id edouard):
mkdir mon_beau_serveur_ssh
cd mon_beau_serveur_ssh
ssh-keygen -N '' -b 1024 -f hostkey
touch config_vide
sshd -h hostkey -p 2345 -f config_vide
bon alors la si j'ai bien compris je devrais avoir un serveur ssh fonctionnel.
maintenant tjrs sous le meme id je tente un ssh -p 2345 localhost
et ben ca marche pas !
il me demande mon password plusieur fois, mais ne l'accepte jamais.
je suppose que c'est a cause des shadow password lisible uniquement par le
root. J'ai pas pu essayer avec une machine sans shadow suite.
J'ai pense qu'en utilisant un clef a la place d'un password ca marcherais :
voila ce que j'ai fait :
edouard@jean-gibbon:~/mon_beau_serveur_ssh$ ssh-keygen
Generating RSA keys: Key generation complete.
Enter file in which to save the key (/home/edouard/.ssh/identity):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/edouard/.ssh/identity.
Your public key has been saved in /home/edouard/.ssh/identity.pub.
The key fingerprint is:
d4:2f:b6:b6:53:41:87:28:bb:ab:3b:02:d7:e9:f6:f1 edouard@jean-gibbon
edouard@jean-gibbon:~/mon_beau_serveur_ssh$ ssh-agent $SHELL
edouard@jean-gibbon:~/mon_beau_serveur_ssh$ ssh-add
Need passphrase for /home/edouard/.ssh/identity
Enter passphrase for edouard@jean-gibbon:
Identity added: /home/edouard/.ssh/identity (edouard@jean-gibbon)
edouard@jean-gibbon:~/mon_beau_serveur_ssh$ ssh -v localhost -p 2345
SSH Version OpenSSH_2.3.0p1, protocol versions 1.5/2.0.
Compiled with SSL (0x0090600f).
debug: Reading configuration data /etc/ssh/ssh_config
debug: Seeding random number generator
debug: ssh_connect: getuid 1000 geteuid 1000 anon 0
debug: Connecting to localhost [127.0.0.1] port 2345.
debug: Connection established.
debug: Remote protocol version 1.5, remote software version OpenSSH_2.3.0p1
debug: no match: OpenSSH_2.3.0p1
debug: Local version string SSH-1.5-OpenSSH_2.3.0p1
debug: Waiting for server public key.
debug: Received server public key (768 bits) and host key (1024 bits).
debug: Forcing accepting of host key for loopback/localhost.
debug: Seeding random number generator
debug: Encryption type: 3des
debug: Sent encrypted session key.
debug: Installing crc compensation attack detector.
debug: Received encrypted confirmation.
debug: Trying RSA authentication via agent with 'edouard@jean-gibbon'
debug: Server refused our key.
debug: RSA authentication using agent refused.
debug: Trying RSA authentication with key 'edouard@jean-gibbon'
debug: Server refused our key.
debug: Doing password authentication.
edouard@localhost's password:
Et la il ne prend pas ma clef, et il me redemande mon password (et ca ne
marche toujours pas)
Est ce que qqn a une idee du probleme ?
merci beaucoup pour votre aide (et desole pour la longueur du message)
edouard
Reply to: