Re: Authentication to SSHd server

You can force Password and RSA key authentication, as those are server
based, but you cannot force
the private key to be passphrase protected as that is client based.

On Feb 15, 2008 5:08 AM, Samuel Soulard <darkmasterhalo@xxxxxxxxx> wrote:
Hi guys,

I wanna know if it is possible to force authentication to a OpenSSH
server by a password and by a RSA Key(With a Passphrase on it). In
this manner, it would be impossible for a attacker to brute force just
the password to get credential of the SSH server.

Thanks for your help

The OpenSSH version I use is the Latest Stable Release (4.7)


And, did Galoka think the Ulus were too ugly to save?

Relevant Pages

  • Re: Using RSA key _and_ password
    ... Something you have (Private Key) ... Asked for via the password authentication feature. ... The issue is having the server require both authentication methods. ... OpenSSH should be able to do this. ...
  • RE: Decrypting an ssh session knowing the private key?
    ... communication by using the private key of the server ... to use libraries the openssh has already writen. ... just need to send a packet with the private key to a function right? ...
  • [OT] Re: RSA implementation, please comment.
    ... on a separate server is actually a very good idea, ... This web front uses a well defined and secure ... Don't store the private key on the server. ... Every client gets a smartcard for the decryption (or a HSM, ...
  • now SSL and ids ( was Re: ssh and ids )
    ... > How many simultaneous SSL sessions can be tracked? ... qualifies as a third party having access to the private key. ... communicate with the server in the clear. ... > best protection against covert channels is to stop the attacker before ...
    ... As long as the private key is readable by the ssh client when it comes ... When the ssh client connects to the server, ... private key which matches the public key. ...