>We have a number of people connecting thru ISPs via secure shell. Some of
>the ISPs use DHCP so the sshd_config AllowHosts wont do us much good.
>Is there some way to set up authentication for these machines? Can
>Radius do this?
All of whom mentioned that RSA Authentication within ssh will work. I tried
it locally and after banging on the config I got the desired results:
Run ssh-keygen on the client, take default file locations and enter a decent
Copy resultant ~/.ssh/identity.pub to servers ~/.ssh/authorized_keys
Insure that permissions are set correctly on server for ~, ~/.ssh and
~/.ssh/* files (see ssh docs)
Modify servers sshd_config to include:
and restart sshd on server.
If user logs in, he'll be prompted for passphrase and only if his machine
has the public key information will he get in.
=-=-=-=-=-=-=-=-=- generated by /dev/dave -=-=-=-=-=-=-=-=-=-=-=-=-=-=
David Stern TSI TelSys
Manager, Information Systems 410-872-3906
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:14:07 CDT