I'm using OpenSSH on Ubuntu for my server. I need to set a password (or even a passphrase, whatever). I was reading about it the other day but I can't find the article Any help would be appreciated.
The SSH password of a user is just the user's password. That's what you do with SSH: log in to the server as a user, just like you would if you were sitting in front of it, the only difference is that you can do it from anywhere in the world through a secure encrypted connection. If you can't log in, make sure your firewall allows incoming TCP traffic on the port you're using (usually 22) and check the hosts.allow, hosts.deny and the SSH configuration files.
The SSH password of a user is just the user's password. That's what you do with SSH: log in to the server as a user, just like you would if you were sitting in front of it, the only difference is that you can do it from anywhere in the world through a secure encrypted connection. If you can't log in, make sure your firewall allows incoming TCP traffic on the port you're using (usually 22) and check the hosts.allow, hosts.deny and the SSH configuration files.
Yeah, I understand that (although thanks for the clarification). The last time I set up an SSH server, I set a passphrase that a user had to enter before they were allowed access. I remember disabling the use of passwords in the config file, and using a phrase instead.
I can't remember exactly what I did though, so I can't find anything on Google about it. Does it sound familiar to you?
Yeah, I understand that (although thanks for the clarification). The last time I set up an SSH server, I set a passphrase that a user had to enter before they were allowed access. I remember disabling the use of passwords in the config file, and using a phrase instead.
I can't remember exactly what I did though, so I can't find anything on Google about it. Does it sound familiar to you?
What that does is generating keyfiles for logging in. That way you send a keyfile to the server you want to log in to instead of an easy to guess / bruteforce password. The password / passphrase you enter while generating the keys is only used to encrypt your keyfile on the computer you sit at when logging in. Otherwise anybody would be able to copy the keyfile and log in to your remote server, while now they have to brute force / guess the passphrase to decrypt the keyfile first.
^ That sounds more like it Thanks for reminding me. I've got a lot of reading and learning to do, I don't really want to be running an insecure SSH server with the possibility of my IP address getting to some untrustworthy Totse staff member
Thanks for the help, I'll probably have more questions when I get home and start messing with this.
Comments
I think you need to check the config file.
^ Should have seen that one. I use SSH for Totse [fuck me] OP, Amie is right.
Yeah, I understand that (although thanks for the clarification). The last time I set up an SSH server, I set a passphrase that a user had to enter before they were allowed access. I remember disabling the use of passwords in the config file, and using a phrase instead.
I can't remember exactly what I did though, so I can't find anything on Google about it. Does it sound familiar to you?
Here you go: https://help.ubuntu.com/community/SSH/OpenSSH/Keys
What that does is generating keyfiles for logging in. That way you send a keyfile to the server you want to log in to instead of an easy to guess / bruteforce password. The password / passphrase you enter while generating the keys is only used to encrypt your keyfile on the computer you sit at when logging in. Otherwise anybody would be able to copy the keyfile and log in to your remote server, while now they have to brute force / guess the passphrase to decrypt the keyfile first.
Thanks for the help, I'll probably have more questions when I get home and start messing with this.
Generate an authentication key on your computer (just accept the defaults in the wizard):
Then copy your ~/.ssh/id_rsa.pub to the ~/.ssh/authorized_keys file on the server you want to log into:
Whenever you want to log into that host you just:
and you'll log in without the need for a password so long as you're on your computer.