Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Hostbased Authentication
Top Forums UNIX for Advanced & Expert Users Hostbased Authentication Post 302452414 by Kesavan on Friday 10th of September 2010 09:13:24 AM
Old 09-10-2010
Data
Quote:
Originally Posted by zaxxon
No worries. It applies to any machine where a sshd is running. ssh_config is for client config and sshd_config is for server config. If there is a acting as a server, you have to edit it's /etc/ssh/sshd_config and restart it's sshd, plus editing the hosts.equiv to your needs. If you come from another box like a pc with putty or ssh client from a linux box for example, you do not have to edit or restart anything on the client.

i did the configurations, i enabled the HostbasedAuthentication yes in both the ssh_config of client and sshd_config of server. Then i added the the client hostname and ip in the following manner in etc/hosts.equiv file of the server.

clienthost ip

but when i gave ssh server from the client it is asking for the password.
Please correct me if i were wrong in any of the above mentioned scenarios...
 

10 More Discussions You Might Find Interesting

1. Cybersecurity

Password Authentication

I would like to know how to validate an unix password from shell script (If is possible) Thanks very much ;) (3 Replies)
Discussion started by: juan_o_morillo
3 Replies

2. UNIX for Advanced & Expert Users

Netcat with Authentication?

I'd like to do a data transfer without encryption but with a guarantee that my data comes from a legit source. I'm thinking something that uses a public key scheme to sign the data. Does anyone know of something like that? Thanks! -Pileofrogs (1 Reply)
Discussion started by: pileofrogs
1 Replies

3. Forum Support Area for Unregistered Users & Account Problems

authentication of new user

I recently registered, but never received the email with the instructions for authenticating my account. I confirmed my email in in the profile looks correct. I found and clicked the link to resend the authentication email. I clicked that link two days ago and I still don't have the email. It... (1 Reply)
Discussion started by: dwallace
1 Replies

4. Solaris

authentication problem

Sir, We are using windows amd solaris systems on my company when ever we are sharing the files from windows to solaris it was asking authentication as a administrator i can share the if normal user wants to share the files from windows to solaris every time i have to go and type the username and... (1 Reply)
Discussion started by: ambavaram
1 Replies

5. Linux

evolution authentication

We are using fedora 8 on my system in that we are using evolution for checking mail we have configured mail server on fedora 8 in another system earlier when i was open the evolution it was asking password for authentication from last two days whenever i open the evolution it was not asking... (1 Reply)
Discussion started by: ambavaram
1 Replies

6. Red Hat

samba authentication

Hi friends, I have a requirement is to authenticate samba users seperately. 1. Linux samba server 2. Linux Client 3. Need to mount samba share on linux client permanently without providing credentials. 4. when user is accessing that mount point need to be prompted for credentials. ... (1 Reply)
Discussion started by: arumon
1 Replies

7. UNIX for Advanced & Expert Users

PAM authentication.

I have applied pam authentication for local users as highlighted in below file. # cat /etc/pam.d/system-auth #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth required pam_env.so auth sufficient pam_unix.so... (0 Replies)
Discussion started by: pinga123
0 Replies

8. Red Hat

Authentication Failed

Hi everyone ... ( Linux Cent OS ) i cant login as root user in my lab machine ... i did give correct root and root passwd ..but it showing Authentication Failed ... plz help me (4 Replies)
Discussion started by: coolboys
4 Replies

9. UNIX and Linux Applications

Authentication in Jenkins

What do you guys use for authentication on Jenkins? We are currently not using anything and I am attempting to use AD, however when I have it enabled, the jenkins CLI does not allow my slaves to register anonymously.. which is understandable, however I cannot find the proper syntax for the... (0 Replies)
Discussion started by: s ladd
0 Replies

10. SuSE

Authentication with PAM

Hello all, I recently updated PAM policy files (pam_authz.policy) on HP-UX Servers with AD groups involving allowing and denying the certain groups.. Could anyone tell me what is the equivalent mechanism in SLES(Linux)? Is it possible to allow/deny AD group access with the SLES LDAP... (0 Replies)
Discussion started by: lcclaj0
0 Replies

LEARN ABOUT OPENDARWIN

keyfile

KEYFILE(5)							AFS File Reference							KEYFILE(5)

NAME

       KeyFile - Defines AFS server encryption keys

DESCRIPTION

       The KeyFile file defines the server encryption keys that the AFS server processes running on the machine use to decrypt the tickets
       presented by clients during the mutual authentication process. AFS server processes perform privileged actions only for clients that
       possess a ticket encrypted with one of the keys from the file. The file must reside in the /etc/openafs/server directory on every server
       machine. For more detailed information on mutual authentication and server encryption keys, see the OpenAFS Administration Guide.

       Each key has a corresponding a key version number that distinguishes it from the other keys. The tickets that clients present are also
       marked with a key version number to tell the server process which key to use to decrypt it. The KeyFile file must always include a key with
       the same key version number and contents as the key currently listed for the "afs/cell" principal in the associated Kerberos v5 realm or
       Authentication Database. (The principal "afs" may be used if the cell and realm names are the same, but adding the cell name to the
       principal is recommended even in this case. "afs" must be used as the principal name if the cell uses the Authentication Server rather than
       a Kerberos v5 realm.) The key must be a DES key; no stronger encryption type is supported.

       The KeyFile file is in binary format, so always use either the asetkey command or the appropriate commands from the bos command suite to
       administer it:

       o   The asetkey add or bos addkey command to add a new key.

       o   The asetkey list or bos listkeys command to display the keys.

       o   The asetkey delete or bos removekey command to remove a key from the file.

       The asetkey commands must be run on the same server as the KeyFile file to update. The bos commands may be run remotely. Normally, new keys
       should be added from a Kerberos v5 keytab using asetkey add.  bos addkey is normally only used if the Authentication Server is in use
       instead of a Kerberos v5 realm.

       In cells that use the Update Server to distribute the contents of the /etc/openafs/server directory, it is customary to edit only the copy
       of the file stored on the system control machine. Otherwise, edit the file on each server machine individually.

CAUTIONS

       The most common error caused by changes to KeyFile is to add a key that does not match the corresponding key for the Kerberos v5 principal
       or Authentication Server database entry. Both the key and the key version number must match the key for the corresponding principal, either
       "afs/cell" or "afs", in the Kerberos v5 realm or Authentication Database. For a Kerberos v5 realm, that principal must only have DES
       encryption types in the Kerberos KDC.

       In the unusual case of using bos addkey to add a key with a known password matching a password used to generate Kerberos v5 keys, the keys
       in the Kerberos v5 KDC database must use "afs3" salt, not the default Kerberos v5 salt. The salt doesn't matter for the more normal
       procedure of extracting a keytab and then adding the key using asetkey.

SEE ALSO

       asetkey(8), bos_addkey(8), bos_listkeys(8), bos_removekey(8), kas_setpassword(8), upclient(8), upserver(8)

       The OpenAFS Administration Guide at <http://docs.openafs.org/AdminGuide/>.

COPYRIGHT

       IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.

       This documentation is covered by the IBM Public License Version 1.0.  It was converted from HTML to POD by software written by Chas
       Williams and Russ Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.

OpenAFS 							    2012-03-26								KEYFILE(5)
All times are GMT -4. The time now is 05:25 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy