[svlug] SSH password question

Seth David Schoen schoen at uclink4.berkeley.edu
Sat Nov 7 01:32:26 PST 1998

Previous message: [svlug] SSH password question
Next message: [svlug] SSH password question
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hans Cathcart writes:

> Hi,
> I'm using SSH to log into my servers, but I'm also using POP to check my
> mail. Since both SSH and POP look at the /etc/passwd file, I see a security
> problem. If someone traps my POP session password, which is not encrypted,
> they can then log in through SSH. Is there an easy, straight-forward way of
> having different passwords?

Aside from the trick of using tunnels, so that your POP sessions won't be
insecure, you can also configure sshd to deny Unix password authentication
and use only SSH's RSA keys.  In /etc/sshd.conf, set

PasswordAuthentication no

Then use only RSA keys to connect via SSH, not Unix passwords.

-- 
   Seth David Schoen L&S '01 (undeclared) / schoen at uclink4.berkeley.edu
He said, "This is what the king who will reign over you will do."  And they
said, "Nay, but we will have a king over us, that we also may be like all the
nations." (1 Sam 8)  http://ishmael.geecs.org/~sigma/   http://www.loyalty.org/

--
echo "unsubscribe svlug" | mail majordomo at svlug.org
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ to unsubscribe

Previous message: [svlug] SSH password question
Next message: [svlug] SSH password question
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the svlug mailing list