09-10-2010
Quote:
Originally Posted by
zaxxon
No worries. It applies to any machine where a sshd is running. ssh_config is for client config and sshd_config is for server config. If there is a acting as a server, you have to edit it's /etc/ssh/sshd_config and restart it's sshd, plus editing the hosts.equiv to your needs. If you come from another box like a pc with putty or ssh client from a linux box for example, you do not have to edit or restart anything on the client.
i did the configurations, i enabled the
HostbasedAuthentication yes in both the ssh_config of client and sshd_config of server. Then i added the the client hostname and ip in the following manner in etc/hosts.equiv file of the server.
clienthost ip
but when i gave ssh server from the client it is asking for the password.
Please correct me if i were wrong in any of the above mentioned scenarios...
10 More Discussions You Might Find Interesting
1. Cybersecurity
I would like to know how to validate an unix password from shell script (If is possible)
Thanks very much
;) (3 Replies)
Discussion started by: juan_o_morillo
3 Replies
2. UNIX for Advanced & Expert Users
I'd like to do a data transfer without encryption but with a guarantee that my data comes from a legit source. I'm thinking something that uses a public key scheme to sign the data.
Does anyone know of something like that?
Thanks!
-Pileofrogs (1 Reply)
Discussion started by: pileofrogs
1 Replies
3. Forum Support Area for Unregistered Users & Account Problems
I recently registered, but never received the email with the instructions for authenticating my account. I confirmed my email in in the profile looks correct. I found and clicked the link to resend the authentication email. I clicked that link two days ago and I still don't have the email. It... (1 Reply)
Discussion started by: dwallace
1 Replies
4. Solaris
Sir,
We are using windows amd solaris systems on my company when ever we are sharing the files from windows to solaris it was asking authentication as a administrator i can share the if normal user wants to share the files from windows to solaris every time i have to go and type the username and... (1 Reply)
Discussion started by: ambavaram
1 Replies
5. Linux
We are using fedora 8 on my system in that we are using evolution for checking mail we have configured mail server on fedora 8 in another system earlier when i was open the evolution it was asking password for authentication from last two days whenever i open the evolution it was not asking... (1 Reply)
Discussion started by: ambavaram
1 Replies
6. Red Hat
Hi friends,
I have a requirement is to authenticate samba users seperately.
1. Linux samba server
2. Linux Client
3. Need to mount samba share on linux client permanently without providing credentials.
4. when user is accessing that mount point need to be prompted for credentials.
... (1 Reply)
Discussion started by: arumon
1 Replies
7. UNIX for Advanced & Expert Users
I have applied pam authentication for local users as highlighted in below file.
# cat /etc/pam.d/system-auth
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required pam_env.so
auth sufficient pam_unix.so... (0 Replies)
Discussion started by: pinga123
0 Replies
8. Red Hat
Hi everyone ...
( Linux Cent OS ) i cant login as root user in my lab machine ... i did give correct root and root passwd ..but it showing Authentication Failed ...
plz help me (4 Replies)
Discussion started by: coolboys
4 Replies
9. UNIX and Linux Applications
What do you guys use for authentication on Jenkins? We are currently not using anything and I am attempting to use AD, however when I have it enabled, the jenkins CLI does not allow my slaves to register anonymously.. which is understandable, however I cannot find the proper syntax for the... (0 Replies)
Discussion started by: s ladd
0 Replies
10. SuSE
Hello all,
I recently updated PAM policy files (pam_authz.policy) on HP-UX Servers with AD groups involving allowing and denying the certain groups..
Could anyone tell me what is the equivalent mechanism in SLES(Linux)? Is it possible to allow/deny AD group access with the SLES LDAP... (0 Replies)
Discussion started by: lcclaj0
0 Replies
LEARN ABOUT MINIX
ssh-keysign
ssh-keysign(1M) ssh-keysign(1M)
NAME
ssh-keysign - ssh helper program for host-based authentication
SYNOPSIS
ssh-keysign
ssh-keysign is used by ssh(1) to access the local host keys and generate the digital signature required during host-based authentication
with SSH protocol version 2. This signature is of data that includes, among other items, the name of the client host and the name of the
client user.
ssh-keysign is disabled by default and can be enabled only in the global client configuration file /etc/ssh/ssh_config by setting Host-
basedAuthentication to yes.
ssh-keysign is not intended to be invoked by the user, but from ssh. See ssh(1) and sshd(1M) for more information about host-based authen-
tication.
/etc/ssh/ssh_config
Controls whether ssh-keysign is enabled.
/etc/ssh/ssh_host_dsa_key
/etc/ssh/ssh_host_rsa_key
These files contain the private parts of the host keys used to generate the digital signature. They should be owned by root, readable
only by root, and not accessible to others. Because they are readable only by root, ssh-keysign must be set-uid root if host-based
authentication is used.
ssh-keysign will not sign host-based authentication data under the following conditions:
o If the HostbasedAuthentication client configuration parameter is not set to yes in /etc/ssh/ssh_config. This setting cannot be overri-
den in users' ~/.ssh/ssh_config files.
o If the client hostname and username in /etc/ssh/ssh_config do not match the canonical hostname of the client where ssh-keysign is
invoked and the name of the user invoking ssh-keysign.
In spite of ssh-keysign's restrictions on the contents of the host-based authentication data, there remains the ability of users to use it
as an avenue for obtaining the client's private host keys. For this reason host-based authentication is turned off by default.
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWsshu |
+-----------------------------+-----------------------------+
|Interface Stability |Evolving |
+-----------------------------+-----------------------------+
ssh(1), sshd(1M), ssh_config(4), attributes(5)
AUTHORS
Markus Friedl, markus@openbsd.org
HISTORY
ssh-keysign first appeared in Ox 3.2.
9 Jun 2004 ssh-keysign(1M)