SSH information and tutorials

Discussion in 'Networking & Compatibility' started by Woodgie2, Mar 1, 2004.

  1. Woodgie2

    Woodgie2 rack mounted

    Joined:
    Jun 27, 2002
    Messages:
    46
    Likes Received:
    0
    Trophy Points:
    0
    Occupation:
    Professional Geek
    Location:
    In front of a computer screen somewhere...
    At the moment I use ssh in it's most basic form for logging onto another computer and working on it at the command line (my webserver etc.). All this is done on the LAN behind the firewall, so it's 'safe' to have ssh 'open' to the network.

    However, What I'd ideally like is to set up ssh on a computer on the LAN and have it only accecpt connections where keys match, i.e. my laptop, and for it to refuse/drop other connections. Then I can chain ssh sessions to the other computers on the LAN who will only accecpt 'keyed' sessions from this bastion host and my laptop. It has to be this way (going through a bastion host) because my netgear router will only foward traffic for a certain port to a certain host on the network, hence from outside the firewall things will have to be chained to get to another host on the network.

    Is this possible? From what I gather it is. Am I making sense?

    Good!

    The thing is, search as I might I can't seem to find any in depth tutorials on this. Does anyone know of any good tutorials or enen how to set up ssh this way?

    Thanks,
    William
     
  2. legacyb4

    legacyb4 Registered

    Joined:
    Sep 24, 2001
    Messages:
    245
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    Tokyo, Japan
    Not sure if this is what you are talking about, but if you change the following on your remote SSH login server:

    [/etc/sshd_config or whatever equivalent SSH server config file]

    PasswordAuthentication no

    This will force public key encryption instead of simply encrypted passwords.

    Cheers.
     
  3. Woodgie2

    Woodgie2 rack mounted

    Joined:
    Jun 27, 2002
    Messages:
    46
    Likes Received:
    0
    Trophy Points:
    0
    Occupation:
    Professional Geek
    Location:
    In front of a computer screen somewhere...
    Oooooohhhh, thank 'ee guv. I'll try that, I think I have the other part of the puzzle...
     
  4. mr. k

    mr. k Registered

    Joined:
    Oct 7, 2002
    Messages:
    1,386
    Likes Received:
    0
    Trophy Points:
    0
    Occupation:
    high school student
    Location:
    mpls. mn
    heres a tutorial I saw the other day covering ssh/X11 window forwarding: http://smartasfuck.com/info/X11/
    It shows how to run X11 apps remotely, and covers setting up a secure, no password ssh connection like you want.
     

Share This Page