[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: SSH and RSA

Hash: SHA1

Duane Powers wrote:

> Hi all,
> Recently I was made administrator over a dozen Solaris boxen <heh>
> The prior admin was offsite and used ssh with rsa keys to access the boxes. > He allowed root login, and used the RSA key functionality to keep the root
> password safe.
> I am not as mature as he was regarding ssh <newbie> and have only used
> ssh as a plug in replacement to telnet, <I tend to not set a different
> p/w during
> ssh-keygen> and simply access the boxes as follows: ssh -l <me> <hostname>
> then I login using the normal p/w that is local to the box. I have found
> that he did
> not need to transmit the local password over the tunnel, but rather used
> RSA to
> verify his identity, but I can't find documentation on how to do it.
> <man ssh, man ssh-agent, man ssh-add, Practical UNIX & Internet
> Security> does anyone have any information on how I can implement the
> same safeguards? Or where I can at least find some documentation on
> practical ssh implementation.

> As always, You guys are great, thanks in advance for the help,

Some notes: this example is done with OpenSSH
from a Debian/GNU Linux Box to a Sun Enterprise 250 running Solaris 8
SSH Protocol Version 1.5
if you need it I can send you a example with Protocol Version 2.

[me@localbox ]$ ssh-keygen
[me@localbox ]$ cd ~/.ssh
[me@localbox ]$ scp identity.pub root@remotebox:/.ssh/me@localbox.pub
[me@localbox ]$ ssh -l root remotebox
[root@remotebox]$ cd ~/.ssh
[root@remotebox]$ pwd
[root@remotebox]$ cat me@localbox.pub >> authorized-keys
[root@remotebox]$ exit
[me@localbox ]$ ssh -l root remotebox

Now enter the passphrase you've used when you kreated your keys with ssh-keygen and that's it :-)

greets Doc aka. Uwe A. P. Wuerdinger
- --
X-Tec GmbH
Institute for Computer and Network Security
WWW : http://www.x-tec.de/

Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org


Reply to: