Re: Solaris 9 ssh
From: Cameron Simpson (cs_at_zip.com.au)
Date: 10/19/03
- Previous message: kevin mckay: "Solaris 9 ssh"
- In reply to: kevin mckay: "Solaris 9 ssh"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 19 Oct 2003 11:41:04 +1000 To: kevin mckay <kevintmckay@yahoo.com>
On 00:03 18 Oct 2003, kevin mckay <kevintmckay@yahoo.com> wrote:
| Another ssh question
| Does anyone know if it is possible on the server side to
| require a key AND pass phrase?
It's not. The passphrase is entirely a client-side thing - it has no
part in the ssh protocol. It is purely a client-side protection for the
private key itself. Therefore it's possible for the client (if s/he's
an idiot, and we all know a few) to remove the passphrase on a general
purpose ssh key i.e. make it the empty string.
Actually, now I think about it, you could hack something up. You could
make their login shell be something that requires a passphrase and the
runs their "real" shell. Fiddly.
-- Cameron Simpson <cs@zip.com.au> DoD#743 http://www.cskk.ezoshosting.com/cs/ If all around you is darkness and you feel you're contending in vain, then the light at the end of the tunnel is the front of an oncoming train.
- Previous message: kevin mckay: "Solaris 9 ssh"
- In reply to: kevin mckay: "Solaris 9 ssh"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
