Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: disallowing user/pass authentication in favor of a pure key system?
Top Forums UNIX for Advanced & Expert Users disallowing user/pass authentication in favor of a pure key system? Post 34639 by xyyz on Monday 3rd of March 2003 07:42:17 PM
Old 03-03-2003
disallowing user/pass authentication in favor of a pure key system?
i finally got my key-pair system working... sort of a makeshift eToken
system. however, i only want to allow this sytem for system access. i
don't want to allow for the standard user/pass authentication system.

right now i changed the following:

# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication no

(i removed the comment and changed it to no).

however, i can still login with my user/pass.

any idea how i can prevent this?
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

SSH key authentication

Hi all, I have got a Solaris machine and I have several user account setup up with the .ssh and authorized_keys file in their home directories. I have check all the permission and ownership and they are all indentical and belongs to the user ID and group respectively. However one of the... (3 Replies)
Discussion started by: stancwong
3 Replies

2. Shell Programming and Scripting

Disallowing certain characters from user input

Hey, I've create a custom useradd script, and I don't want the person creating the user to be able to put comma's in any of the input fields, because it could corrupt the /etc/passwd file. I don't care what other characters they put in there, so is there a way I can just check all the input... (1 Reply)
Discussion started by: paqman
1 Replies

3. Shell Programming and Scripting

Disable SSH key authentication

Hello Guys, I need your help. I am trying to create a script to change password for multipls servers but having problem when it comes to ssh key authentication. Does anyone have a sample script that will disable ssh key authentication for multiple servers?;) (3 Replies)
Discussion started by: youdexter
3 Replies

4. UNIX for Advanced & Expert Users

Sftp Key Authentication Issue

Hello, We have an issue attempting to login from a Unix Solaris to an NT server using key authentication. I will attempt to provide you with as much of the relevant information regarding the way the system is set up, although I'm workingin solely on the Unix side, so don't have full access to... (3 Replies)
Discussion started by: SteveBurch
3 Replies

5. Shell Programming and Scripting

ssh key based authentication - force

Hi Team, we have problem with sftp. Though SA team has setup the keys between 2 server, sftp still prompts for the password. After many attempt to rectify the problem, SA has asked us force the SSH key based authentication by using following command. sftp2 --indetity="folder/private_key"... (6 Replies)
Discussion started by: ace_friends22
6 Replies

6. Solaris

Solaris 8 ssh public key authentication issue - Server refused our key

Hi, I've used the following way to set ssh public key authentication and it is working fine on Solaris 10, RedHat Linux and SuSE Linux servers without any problem. But I got error 'Server refused our key' on Solaris 8 system. Solaris 8 uses SSH2 too. Why? Please help. Thanks. ... (1 Reply)
Discussion started by: aixlover
1 Replies

7. HP-UX

Error while doing key based authentication

We are trying to do a key exchange from Sun solaris server to HP UNIX server. Errro we are getting is as below:- sshd2: connection from "10.13.240.6" sshd2: auths-pam: PAM subprocess returned packet SSH_PAM_OP_ERROR. (err_num: 32, err_msg: General Commercial Security error) sshd2: User... (4 Replies)
Discussion started by: sandipmandal
4 Replies

8. UNIX for Advanced & Expert Users

Is SSH Key Authentication Disabled?

I setup passwordless authentication on a Ubuntu vm by ssh'ing into the localhost. I'm trying to do the same thing on another machine but it's not working. I believe I have the permissions setup properly and keygen'd. Is there a way to disable passwordless authentication? I have permission to... (4 Replies)
Discussion started by: MaindotC
4 Replies

9. UNIX for Advanced & Expert Users

SSH key authentication problem with 2 servers

hi All, this issue is regarding ssh key authentication, although i have performed this activity on two separate servers, now i have to configure the same again on 2 more servers. i did everything what i did earlier but this time i am getting some error, and i am unable to understand what exactly... (2 Replies)
Discussion started by: lovelysethii
2 Replies

10. UNIX for Advanced & Expert Users

How to pass password as a variable for sshpass authentication?

Using below below command i'm able to connect or authenticate server, In below command password contains special characters sshpass -v -p 'ASJBA%hs76)#' ssh -q -o ConnectTimeout=5 hostname But If I pass password as a variable I'm not able to connect or authenticate server, can you please help... (1 Reply)
Discussion started by: sam@sam
1 Replies

LEARN ABOUT MOJAVE

keylogin

keylogin(1)							   User Commands						       keylogin(1)

NAME

       keylogin - decrypt and store secret key with keyserv

SYNOPSIS

       /usr/bin/keylogin [-r]

DESCRIPTION

       The  keylogin command prompts for a password, and uses it to decrypt the user's secret key. The key may be found in the /etc/publickey file
       (see publickey(4)) or the  NIS map ``publickey.byname'' or the  NIS+ table ``cred.org_dir'' in the user's  home	domain.  The  sources  and
       their  lookup  order are specified in the /etc/nsswitch.conf file. See nsswitch.conf(4). Once decrypted, the user's secret key is stored by
       the local key server process, keyserv(1M). This stored key is used when issuing requests to any secure RPC services, such as NFS  or  NIS+.
       The program keylogout(1) can be used to delete the key stored by keyserv .

       keylogin  will  fail  if it cannot get the caller's key, or the password given is incorrect. For a new user or host, a new key can be added
       using  newkey(1M), nisaddcred(1M), or nisclient(1M).

       If multiple authentication mechanisms are configured for the system, each of the configured mechanism's secret key will	be  decrypted  and
       stored by  keyserv(1M).	See nisauthconf(1M) for information on configuring multiple authentication mechanisms.

OPTIONS

       -r	Update	the  /etc/.rootkey  file.  This  file  holds  the unencrypted secret key of the superuser. Only the superuser may use this
		option. It is used so that processes running as superuser can issue authenticated requests without requiring that the  administra-
		tor  explicitly run keylogin as superuser at system startup time. See keyserv(1M). The -r option should be used by the administra-
		tor when the host's entry in the publickey database has changed, and the /etc/.rootkey file has become out-of-date  with   respect
		to  the  actual  key pair stored in the publickey database. The permissions on the /etc/.rootkey file are such that it may be read
		and written by the superuser but by no other user on the system.

		If multiple authentication mechanisms are configured for the system, each of the configured mechanism's secret keys will be stored
		in the /etc/.rootkey file.

FILES

       /etc/.rootkey   superuser's secret key

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWcsu			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       chkey(1),  keylogout(1), login(1), keyserv(1M), newkey(1M), nisaddcred(1M), nisauthconf(1M), nisclient(1M), nsswitch.conf(4), publickey(4),
       attributes(5)

NOTES

       NIS+ might not be supported in future releases of the SolarisTM Operating Environment. Tools to aid the migration from  NIS+  to  LDAP  are
       available in the Solaris 9 operating environment. For more information, visit http://www.sun.com/directory/nisplus/transition.html.

SunOS 5.10							    10 Dec 2001 						       keylogin(1)
All times are GMT -4. The time now is 02:50 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy