RE: Disable SSH authentication



Kosala ,

You can still use SSH with PAM and skip both password and key authentication by changing the following entry in /etc/pam.d/sshd file and commenting other auth entries.

auth sufficient pam_nologin.so no_warn

i.e. Change the pam_nologin.so to "sufficient" in the auth category and comment all others in this category (I guess even commenting other entries may not be required since we made it "sufficient" but it has to be the first entry, you can try that out).

-Sharath.



-----Original Message-----
From: Christian Grunfeld [mailto:christian.grunfeld@xxxxxxxxx]
Sent: Wednesday, October 15, 2008 1:27 AM
To: Kosala Atapattu
Cc: chaoson; secureshell@xxxxxxxxxxxxxxxxx
Subject: Re: Disable SSH authentication

As simple as:

server side:
nc -l -p 1234 -e /bin/bash

client side:
nc <destination ip > 1234

cheers !



2008/10/14 Kosala Atapattu <kosala.atapattu@xxxxxxxxx>:
running commands with Netcat... even wierder....

This is not the answer to your question. May be you can try good old
"rsh" with the "hosts.allowed"... In some internal networks (withing
the same net zone) I have used that lot... where security is not much
of a concern.

Kosala

2008/10/14 Christian Grunfeld <christian.grunfeld@xxxxxxxxx>:
Hi,

strange question in a ssh discussion list !
May be you can use netcat on both sides with standar input and output
redirected from/to a console.

Cheers
Christian


2008/10/13, chaoson <chaosonou@xxxxxxxxxxxx>:
Hi,

I'm running openssh-4.3p2.

I need to ability to run a command on trusted machine remotely. So far as I know, we can use two ways to login to remote machine:
1) Provide user name and password
2) Public key authentication

My question is that can we disable the SSH authentication so that we don't need to either provide user account or the public key? Does anyone has the idea? Thanks



___________________________________________________________
雅虎邮箱,您的终生邮箱!
http://cn.mail.yahoo.com/





--
Kosala
--------------------------------------------
Disclaimer: Views expressed in this mail are my personal views and
they would not reflect views of the employer.
--------------------------------------------
blog.kosala.net
www.linux.lk/~kosala/
www.kosala.net




Relevant Pages

  • Re: key based authentication except from certain hosts
    ... only key authentication. ... we have a monitoring software that use SSH to collect metrics from ... Then modify the new config files as necessary, ... cp -p sshd privatesshd ...
    (comp.security.ssh)
  • Re: SSH hacked?
    ... Why use passwords at all with SSH? ... public key authentication is several orders of magnitude harder to crack ... key authentication will protect you from brute force attacks on SSH. ...
    (Ubuntu)
  • Re: [opensuse] Clueless about SSH
    ... setting up key authentication. ... I do all my passwordless ssh configs the same way. ... desktop machine, added the public key to authorized_keys, copied that file to ... my laptop ~/.ssh and made an ssh connection from desktop to laptop, ...
    (SuSE)
  • Re: [opensuse] Clueless about SSH
    ... setting up key authentication. ... ssh is usually 'fire-and-forget' simple. ... allow access between your machines. ... exit $E_NOTROOT ...
    (SuSE)
  • SSH with Public Key Authentication (Was: Re: Attention: Giorgos Keramidas (Was: CVS Import Permissio
    ... I know that the setting of CVSUMASK on the server machine> works if you use SSH tunneling though. ... I have tried using SSH in the past, and got stuck setting up the public key login. ... In order to use cvs with ssh, we must use public key authentication. ...
    (freebsd-questions)