FW: No longer can connect

From: Nathan Zabaldo (nate_at_teradigm.us)
Date: 07/01/05

  • Next message: Josh Grosse: "shutting down dictionary attacks" 
    To: <secureshell@securityfocus.com>
Date: Fri, 1 Jul 2005 09:41:32 -0700

    I've read the manual on how to generate keys, but it is too cryptic for me
    not being a linux guy quite yet.

    Please someone spell it out for me. This is what I am looking for please
    fill in the blanks.

    On my box I have users that I have set up that I want to be able to use
    Putty to connect remotely via sshd. Sshd is now installed and up and
    running. For my users to connect I have to (blank) in each of my user's
    accounts.

    For example in a terminal on the box when I am logged into a users account
    type in:

    (Please fill in the blank.)

    I'm sure this is simplistic to some people out there, but rocket science to
    a Windows guy trying to get away from Windows.

    Thanks,

    Nate

    -----Original Message-----
    From: Greg Wooledge [mailto:wooledg@eeg.ccf.org]
    Sent: Friday, July 01, 2005 4:41 AM
    To: Nathan Zabaldo
    Subject: Re: No longer can connect

    On Thu, Jun 30, 2005 at 01:31:37PM -0700, Nathan Zabaldo wrote:
    > Yep. I quit going the webmin module route and just installed from source.
    > So now it us up and running and I am trying to figure out how to generate
    > ssh-genkey keys so that users on the box can connect.

    Normally users authenticate by password, or by generating their own
    key pairs.

    > Please fill in the blanks:
    >
    > ssh-genkey -trsa -b1024 -fusers-on-this-computer -Nnewpassphrase
    >
    > What goes after the -f so it picks up all the users on my computer?

    That doesn't make sense.

    If you want every user on the computer to be able to authenticate
    using the *same* key pair (which I would not recommend at all),
    then what you'd do is generate one key pair; put the public key into
    ~/.ssh/authorized_keys of every single user; and give the private key
    to every user on the system. Then they'd all be able to authenticate
    as any user using that key.

    Otherwise, just generate a key pair for each user. Or let them generate
    their own.

    Ask the mailing list for more details.

  • Next message: Josh Grosse: "shutting down dictionary attacks"