Re: Solaris 9 ssh

From: Cameron Simpson (
Date: 10/19/03

  • Next message: Brown, Rodrick: "Solaris 8 SSH Issues."
    Date: Sun, 19 Oct 2003 11:41:04 +1000
    To: kevin mckay <>

    On 00:03 18 Oct 2003, kevin mckay <> wrote:
    | Another ssh question
    | Does anyone know if it is possible on the server side to
    | require a key AND pass phrase?

    It's not. The passphrase is entirely a client-side thing - it has no
    part in the ssh protocol. It is purely a client-side protection for the
    private key itself. Therefore it's possible for the client (if s/he's
    an idiot, and we all know a few) to remove the passphrase on a general
    purpose ssh key i.e. make it the empty string.

    Actually, now I think about it, you could hack something up. You could
    make their login shell be something that requires a passphrase and the
    runs their "real" shell. Fiddly.

    Cameron Simpson <> DoD#743
    If all around you is darkness and you feel you're contending in vain,
    then the light at the end of the tunnel is the front of an oncoming train.

  • Next message: Brown, Rodrick: "Solaris 8 SSH Issues."

    Relevant Pages

    • RE: Controlling ssh from an external program
      ... passphrase could be discovered and the private key would fall into dangerous ... NB the SSH environment strings need to be included in this mixture! ... character as the final character could signify accept from a file. ... Controlling ssh from an external program ...
    • Re: More on learning "Public Key Authentication"
      ... > computers in my local network are configured that way. ... > A long passphrase is a good idea but for other reasons. ... I _think_ a passphrase is used merely to verify that a public SSH ... _public_ keys between computers, so I do not even use a public SSH ...
    • Re: Working with sshs escape character
      ... Try hitting tilde followed by period and see what happens within an ssh ... from within a login shell over ssh. ... The escape character must always follow a newline to be interpreted as ...
    • different SSH/keychain behavior on Fedora Core 4?
      ... I'm wondering if anyone's seen different SSH and keychain behavior on ... But since upgrading the home machine to FC4 this trick no longer works ... for the passphrase for the local RSA private key... ... I realize that this may be more of an SSH question than an actual Fedora ...
    • SUMMARY: how to set correct path?
      ... ven if we login with ssh. ... For BASH login shell, place the system wide ENV variables, such as PATH, ... You can set Use_login in the sshd_config to yes and restart sshd. ...