On May 19, 2005, at 6:47 AM, Kaj Mäkinen wrote:
Is this secure?
I have set up an authpf on my firewall. When I authenticate with an ssh2 des keyfile the firewall passes
and forwards it to my windows computer according to my rules in authpf.rules. On my windows computer I run Cygwin sshd also with ssh2 PubkeyAuthentication.
Of course I have PasswordAuthentication no, PubkeyAuthentication yes and Protocol 2 in my sshd_config.
An attacker on my open-bsd box gets the login prompt but no password prompt without the keyfile.
The error is then this: Received disconnect from xxx.xxx.xxx.xxx 11: No supported authentication methods available
Won't this be a mission impossible to hack?
Nothing is impossible. It's possible an attacker could discover a flaw in pf or authpf and find a way around its restrictions. It's also possible that someone could discover a security hole in OpenBSD and use that to compromise your system. The likelihood is small, since this is OpenBSD, and it's a very tight ship, but not impossible.
I'm no security guru, but it sounds to me like your setup is secure, in that you're putting multiple levels of walls between outside users and your system.
Enjoy restful nights, while Windows and Linux admins nervously toss and turn in their sleep. :-)
--
Jordan Klein        ~ Beware of dragons
[EMAIL PROTECTED]   ~ for you are crunchy
Unix Administrator  ~ and go well with ketchup