Re: question about OpenSSH in cygwin

From: Nathan Jackson (c.cured_at_gmail.com)
Date: 08/12/05

  • Next message: Bill Moran: "Re: Anyone with a technique for accomplishing chroot using sftp"
    Date: Fri, 12 Aug 2005 10:36:49 +0200
    To: Sander Morsink <smorsink@planet.nl>
    
    

    Samor,

    A few pointers for you:

    1. Disable your guest account
    2. Every user on your system should have a password!
    3. If you didn't have passwords setup before then the chances are that
    your new passwords are weak. I would suggest setting up public key
    authentication in SSH as the only means of authenticating to your
    machine.

    There's a nicely detailed article on how to set this up at
    http://www.cs.unm.edu/~venkata/ssh.html

    Once you have done this and tested that pubkey auth works, you will
    need to modify your sshd_config to turn off passphrase auth and allow
    only pubkey auth. It should end up looking like the following (note,
    anything commented out in the config file is a default value and
    doesn't need changing):

    #RSAAuthentication yes
    #PubkeyAuthentication yes
    #AuthorizedKeysFile .ssh/authorized_keys

    PasswordAuthentication no
    #PermitEmptyPasswords no

    HTH,

    Nathan

    On 8/11/05, Sander Morsink <smorsink@planet.nl> wrote:
    > Hello,
    >
    > I've succesfully installed openssh under cygwin. (according to
    > http://pigtail.net/LRP/printsrv/cygwin-sshd.html)
    >
    > I'd just want to make sure things are set up ok....
    >
    > my own user account, which has a password now, has ssh access. is it
    > right that the administrator and guest account don't have access and
    > that any other account without a password doesn't either? I don't want
    > them to either, just want to make sure that a smart kid somewhere can't
    > get in due to some silly thing I forgot to turn off :)
    >
    > Thanks,
    >
    >
    >
    > Samor
    >
    >
    >
    >


  • Next message: Bill Moran: "Re: Anyone with a technique for accomplishing chroot using sftp"