Re: private key with no passphrase detection



Greg Copeland <gtcopeland@xxxxxxxxx> wrote:
> I want to enforce private key authentication as a matter of policy.

You can do that with OpenSSH. What software are you using?

> I would like to detect private keys which do not have a passphrase.
> How would I go about detecting this so I can get the user to recreate
> their key?

Do you have access to the client keys? The SSH server never sees the
key file (nor the key itself), so it cannot detect or enforce any
restrictions on the user's key.

You could examine the keys directly with a key tool (like ssh-keygen) to
see if a passphrase is present. Again, that would depend on the exact
software in use.

--
Darren Dunham ddunham@xxxxxxxx
Senior Technical Consultant TAOS http://www.taos.com/
Got some Dr Pepper? San Francisco, CA bay area
< This line left intentionally blank to confuse you. >
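
Added example, not part of the original post: one way to check client key files for a missing passphrase when you do have access to them. It reads the file headers directly instead of calling ssh-keygen, and goes beyond the reply by covering the OpenSSH new format, legacy PEM and PKCS#8; the sample files and their names are constructed for illustration and contain no real key material.

```python
import base64, re, struct

MAGIC = b"openssh-key-v1\0"  # start of the new-format private key blob
PEM_RE = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)-----END \1-----", re.S)

def _read_string(buf, off):
    """Read one SSH 'string' (uint32 big-endian length + bytes) at offset off."""
    (n,) = struct.unpack_from(">I", buf, off)
    if off + 4 + n > len(buf):
        raise ValueError("truncated header")
    return buf[off + 4:off + 4 + n], off + 4 + n

def key_passphrase_status(text):
    """Classify one private key file as 'encrypted', 'unencrypted' or 'unknown'."""
    m = PEM_RE.search(text)
    if not m:
        return "unknown"
    label, body = m.group(1), m.group(2)
    if label == "ENCRYPTED PRIVATE KEY":  # PKCS#8 encrypted container
        return "encrypted"
    if label == "OPENSSH PRIVATE KEY":
        try:
            blob = base64.b64decode("".join(body.split()))
            if not blob.startswith(MAGIC):
                return "unknown"
            cipher, off = _read_string(blob, len(MAGIC))
            kdf, _ = _read_string(blob, off)
        except (ValueError, struct.error):  # bad base64 or short header
            return "unknown"
        return "unencrypted" if (cipher, kdf) == (b"none", b"none") else "encrypted"
    if label.endswith("PRIVATE KEY"):  # legacy PEM (RSA/DSA/EC) or plain PKCS#8
        return "encrypted" if "Proc-Type: 4,ENCRYPTED" in body else "unencrypted"
    return "unknown"

def _sample_openssh(cipher, kdf):
    # Constructed header only, no real key material: just the fields the check reads.
    s = lambda b: struct.pack(">I", len(b)) + b
    b64 = base64.b64encode(MAGIC + s(cipher) + s(kdf) + s(b"")).decode()
    return f"-----BEGIN OPENSSH PRIVATE KEY-----\n{b64}\n-----END OPENSSH PRIVATE KEY-----\n"

SAMPLES = {  # constructed sample files (hypothetical names, dummy bodies)
    "id_ed25519_nopass": _sample_openssh(b"none", b"none"),
    "id_ed25519_pass": _sample_openssh(b"aes256-ctr", b"bcrypt"),
    "id_rsa_pass": "-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n"
                   "DEK-Info: AES-128-CBC,00\n\nAAAA\n-----END RSA PRIVATE KEY-----\n",
    "id_rsa_nopass": "-----BEGIN RSA PRIVATE KEY-----\nAAAA\n-----END RSA PRIVATE KEY-----\n",
}

def audit(samples):
    return {name: key_passphrase_status(text) for name, text in samples.items()}
```

A key reported as "unknown" (unrecognised or damaged file) should be reviewed by hand rather than treated as compliant.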