Re: SSH and RSA
Without SSH enabled, I was able to pass my root user account from one
trusted Solaris Box to another with an /.rhost and /etc/host.equiv file.
For example, Doctor would be the solaris hostname and root would be the
account. This leaves a big security hole, so I only activate it when
I am doing backups for about 4-5 hours each month. Maybe someone on
the list can help with the RSA since I am fairly new in that field also
---- Duane Powers <duane@uberLAN.net> wrote:
> Hi all,
> Recently I was made administrator over a dozen Solaris boxen <heh>
> The prior admin was offsite and used ssh with rsa keys to access the
> He allowed root login, and used the RSA key functionality to keep the
> password safe.
> I am not as mature as he was regarding ssh <newbie> and have only used
> ssh as a plug in replacement to telnet, <I tend to not set a different
> p/w during
> ssh-keygen> and simply access the boxes as follows: ssh -l <me> <hostname>
> then I login using the normal p/w that is local to the box. I have
> that he did
> not need to transmit the local password over the tunnel, but rather
> RSA to
> verify his identity, but I can't find documentation on how to do it.
> <man ssh, man ssh-agent, man ssh-add, Practical UNIX & Internet
> Security> does anyone have any information on how I can implement the
> same safeguards? Or where I can at least find some documentation on
> practical ssh implementation.
> As always, You guys are great, thanks in advance for the help,
> The plan was simple. Unfortunately, so was Bullwinkle.
> To UNSUBSCRIBE, email to email@example.com
> with a subject of "unsubscribe". Trouble? Contact firstname.lastname@example.org
To get your own FREE ZDNet Onebox - FREE voicemail, email, and fax,
all in one place - sign up today at http://www.zdnetonebox.com