Re: Configuring ssh

[Alan KF LAU <akflau@itsd.gcn.gov.hk>]

My major concern is that if you enabled password authentication you'd
leave your system vulnerable to brute force password attacked as in
TELNET.

Beside, if one could use password authentication, why would one bother
to take all the trouble setting up RSA connection? :)

I did ask question here, whether I could let one group of user use
password authentication(for casual users with limited access) and the
other group of users use RSA(for admin. users who have higher
privileges).

Seem like it's not possible, according to expert opinions here,  for 
current ssh release.

I might be wrong, please advise if it's possible. I wish to know! :)

Thanks!

Alan.  

> 
> 
> Alan KF LAU wrote:
> 
> > Disable Rhost and password authentication, only enable RSA
> > authentication.
> 
> Disableing rhosts yes, because that can cause a whole bunch of trouble. However I
> have a tendancy to leave passwords enabled as I need to access my machines from a
> lot of different places and I don't always carry my RSA key with me. On top of that
> there are some users I have who need access that would be unable (due to general
> incompitence) to set up RSA keys and the like from their boxen.
> 
> 
> > Login with a ssh client with RSA support, like mindterm.
> 
> SecureCRT is a good client although it is commercial.
> 
> 
> 
> 
> Nikolai Lusan
> 
> 
> 
> --  
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> 
>