Difference between revisions of "Freeside:1.9:Documentation:Administration:SSH Keys"
From Freeside
(New page: = Introduction = Freeside can login to remote machines unattended using SSH. This can pose a security risk if not configured correctly, and will allow an intruder who breaks into your fr...) |
(No difference)
|
Revision as of 10:20, 5 March 2010
Introduction
Freeside can login to remote machines unattended using SSH. This can pose a security risk if not configured correctly, and will allow an intruder who breaks into your freeside machine access to your remote machines. Do not use this feature unless you understand what you are doing and have first properly secured your Freeside machine.
Instructions
- As the freeside user (on your freeside machine), generate an authentication key using
ssh-keygen
. Since this is for unattended operation, use a blank passphrase. - Append the newly-created
identity.pub
file to~root/.ssh/authorized_keys
(or the appopriate~username/.ssh/authorized_keys
) on the remote machine(s). - Some new SSH v2 implementation accept v2 style keys only. Use the
-t
option tossh-keygen
, and append the createdid_dsa.pub
orid_rsa.pub
to~root/.ssh/authorized_keys2
(or the appopriate~username/.ssh/authorized_keys
) on the remote machine(s). - You may need to set
PermitRootLogin without-password
(meaning with keys only) in yoursshd_config
file on the remote machine(s). - You may want to set
ForwardX11 = no
in~root/.ssh/config
to prevent spurious errors and increase security if your distribution turns on X11 forwarding by default.