Avoiding sending clear text passwords

From: Torsten Bronger (bronger_at_physik.rwth-aachen.de)
Date: 02/25/04


Date: Wed, 25 Feb 2004 14:12:07 +0100

Hello!

I am trying to set up a reasonable configuration for both the client and
the host.

The not-commented-out lines in my /etc/ssh/sshd_config are:

RSAAuthentication yes
PasswordAuthentication no
X11Forwarding yes
UsePrivilegeSeparation no
Subsystem sftp /usr/lib/ssh/sftp-server

Is it correct that the *only* way to establish a connection is to
append certificates in the authorized-keys file?

Actually I also need the possibility of passwords. Would
PasswordAuthentication yes
be a clean and secure way to do so? In particular, the comment in
sshd_config says

# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication no

which sounds not very encouraging. I thought ssh prevented
passwords from being sent in clear text.

Thank you!

Bye,
Torsten.

-- 
Torsten Bronger, aquisgrana, europa vetus

