Follow us on...
Follow us on Twitter Follow us on Facebook
Register
Results 1 to 4 of 4
  1. #1
    Woodgie2's Avatar
    Woodgie2 is offline rack mounted
    Join Date
    Jun 2002
    Location
    In front of a computer screen somewhere...
    Posts
    46
    Thanks
    0
    Thanked 0 Times in 0 Posts

    SSH information and tutorials

    At the moment I use ssh in it's most basic form for logging onto another computer and working on it at the command line (my webserver etc.). All this is done on the LAN behind the firewall, so it's 'safe' to have ssh 'open' to the network.

    However, What I'd ideally like is to set up ssh on a computer on the LAN and have it only accecpt connections where keys match, i.e. my laptop, and for it to refuse/drop other connections. Then I can chain ssh sessions to the other computers on the LAN who will only accecpt 'keyed' sessions from this bastion host and my laptop. It has to be this way (going through a bastion host) because my netgear router will only foward traffic for a certain port to a certain host on the network, hence from outside the firewall things will have to be chained to get to another host on the network.

    Is this possible? From what I gather it is. Am I making sense?

    Good!

    The thing is, search as I might I can't seem to find any in depth tutorials on this. Does anyone know of any good tutorials or enen how to set up ssh this way?

    Thanks,
    William
    Her: You are such a jeek
    Me: It's Geek
    Her: SEE!

  2. #2
    legacyb4 is offline Registered User
    Join Date
    Sep 2001
    Location
    Tokyo, Japan
    Posts
    245
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Not sure if this is what you are talking about, but if you change the following on your remote SSH login server:

    [/etc/sshd_config or whatever equivalent SSH server config file]

    PasswordAuthentication no

    This will force public key encryption instead of simply encrypted passwords.

    Cheers.
    Macbook (Black) C2D/120GB/2GB | G5/1.6 250GBx2/1.25GB
    Free Mobile Phone Ringtone, Application, & Screensaver Uploader

  3. #3
    Woodgie2's Avatar
    Woodgie2 is offline rack mounted
    Join Date
    Jun 2002
    Location
    In front of a computer screen somewhere...
    Posts
    46
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by legacyb4
    Not sure if this is what you are talking about, but if you change the following on your remote SSH login server:

    [/etc/sshd_config or whatever equivalent SSH server config file]

    PasswordAuthentication no

    This will force public key encryption instead of simply encrypted passwords.

    Cheers.
    Oooooohhhh, thank 'ee guv. I'll try that, I think I have the other part of the puzzle...
    Her: You are such a jeek
    Me: It's Geek
    Her: SEE!

  4. #4
    mr. k's Avatar
    mr. k is offline Registered User
    Join Date
    Oct 2002
    Location
    mpls. mn
    Posts
    1,386
    Thanks
    0
    Thanked 0 Times in 0 Posts
    heres a tutorial I saw the other day covering ssh/X11 window forwarding: http://smartasfuck.com/info/X11/
    It shows how to run X11 apps remotely, and covers setting up a secure, no password ssh connection like you want.
    iMac G3 600Mhz, 256MB RAM, 40GB HD, 10.3.5
    20GB iPod (Click Wheel) w/ Griffin iTrip // AIM:kjell05

 

 

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •