On 2/21/20 4:00 AM, Bob Goodwin wrote:
In doing this is their danger of making an error and locking myself out
of my computer, if so what to avoid? I've made some catastrophic errors
in the not very distant past that required a new system re-installation
and would prefer not repeating that.
Y
On Fri, Feb 21, 2020 at 07:00:51 -0500,
Bob Goodwin wrote:
I've been reading the thread about detecting hack attempts and I am
interested in in setting up "key based authentication" as described
[perhaps] in "https://docs.fedoraproject.org/en-US/Fedora/14/html/Deployment_Guide/s2-ssh-configura
On Fri, 21 Feb 2020 08:17:27 -0600
Richard Shaw wrote:
> It will check that you have correct permissions in ~/.ssh before copying
> the public key over to the remote system. If course you'll need to leave
> password auth turned on until you complete this.
That's the important bit. You can leave p
On Fri, Feb 21, 2020 at 6:05 AM Bob Goodwin wrote:
> I've been reading the thread about detecting hack attempts and I am
> interested in in setting up "key based authentication" as described
> [perhaps] in
> "
> https://docs.fedoraproject.org/en-US/Fedora/14/html/Deployment_Guide/s2-ssh-configura
On Fri, 21 Feb 2020, 12:51 Frank Pikelner, wrote:
> Take care with " backdoors", not a good idea. Port scanners ie "nmap"
> will find obfuscated servers running on different ports.
>
> On Fri, Feb 21, 2020 at 7:21 AM Michal Schorm wrote:
> >
> > > In doing this is their danger of making an error
Take care with " backdoors", not a good idea. Port scanners ie "nmap"
will find obfuscated servers running on different ports.
On Fri, Feb 21, 2020 at 7:21 AM Michal Schorm wrote:
>
> > In doing this is their danger of making an error and locking myself out
> > of my computer, if so what to avoid
Key based authentication works well in small environments, you
generate the keys (recommend you consider ed25519 instead of RSA,
etc), distribute them across the servers (public keys) and update the
authorized keys file. On the server side you configure SSHD to use
keys vs. passwords (disable passw
> In doing this is their danger of making an error and locking myself out
> of my computer, if so what to avoid?
You can use dummy account for that, on both ends.
You can force SSH (client) to only use keyes, instead of passwords.
You can run SSH in a container, to learn how to set it up. If you
