RE: Non-root ssh

Subject: RE: Non-root ssh
From: Mike Barsalou (mbarsalou@aidea.org)
Date: Tue Dec 17 2002 - 14:46:51 AKST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: Larry Collier: "RE: Non-root ssh"
• Previous message: Jon Reynolds: "Re: Amanda tapeless configuration (long)"
• Maybe in reply to: Mike Barsalou: "Non-root ssh"
• Next in thread: Larry Collier: "RE: Non-root ssh"
• Next in thread: Brian ThunderEagle: "RE: Non-root ssh"
• Maybe reply: Mike Barsalou: "RE: Non-root ssh"
• Reply: Mike Barsalou: "RE: Non-root ssh"

Thanks Larry, this is tremendously helpful...one thing I forgot to mention
is although I do have two linux machines to try out your steps, one of the
machines is going to be a windows machine using putty. How do I do the
keygen stuff with putty?

Mike

-----Original Message-----
From: Larry Collier [mailto:larry@medease.com]
Sent: Tuesday, December 17, 2002 2:42 PM
To: Mike Barsalou; aklug@aklug.org
Subject: RE: Non-root ssh

I've ben using openssh_2.5.2p2 from rh7.3 with security updates.

To setup a new user for ssh, I do the following:

Login as root on users cpu.
su - <user>
ssh-keygen -- and answer the prompts as needed. I've always used the
                defaults. this is where you put in the passphrase.
login to server cpu as root.
su - <user>
mkdir .ssh
cd .ssh
scp <user>@<users.cpu>:/home/<user>/.ssh/identity.pub ./authorized_keys

if the user may come from additional computers, each originating computer
must have its own key. Just concatenate them together in the
authorized_keys file.

Some tricks found through experimentation, the .ssh directory that you
create can be owned by the user or by root but must have permissions of 755.
The authorized_keys file must have permissions of 644 but owner can be
either user or root.

HTH,
Larry
-----Original Message-----
From: Mike Barsalou [mailto:mbarsalou@aidea.org]
Sent: Tuesday, December 17, 2002 2:13 PM
To: 'Larry Collier'; aklug@aklug.org
Subject: RE: Non-root ssh

Sorry about the lack of info there.

RH 8.0. sshd is in fact running. Running ssh 3.x

I think the piece that I am really missing is:

What is the file name used to store the public key on the remote machine?
What does an entry in that file look like?

If I understand it correctly, I initiate the session.
sshd looks in this file to see if I exist.
Denies or allows me after typing in my user/password pair based partly on
what is in this file?

Mike

-----Original Message-----
From: Larry Collier [mailto:larry@medease.com]
Sent: Tuesday, December 17, 2002 1:21 PM
To: Mike Barsalou; aklug@aklug.org
Subject: RE: Non-root ssh

Mike,

Which ssh are you using? Have you started the daemon on the destination
computer? Which distribution?

Larry

-----Original Message-----
From: aklug-bounce@aklug.org [mailto:aklug-bounce@aklug.org]On Behalf Of
Mike Barsalou
Sent: Tuesday, December 17, 2002 12:58 PM
To: 'aklug@aklug.org'
Subject: Non-root ssh

I want to setup ssh so that I can login as a non-root user....what are the
basic steps for this?

I have been reading through the docs and I am getting clues, but I am
missing something.

Anyone have any good ideas?

Mike

---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.

---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.

• Next message: Larry Collier: "RE: Non-root ssh"
• Previous message: Jon Reynolds: "Re: Amanda tapeless configuration (long)"
• Maybe in reply to: Mike Barsalou: "Non-root ssh"
• Next in thread: Larry Collier: "RE: Non-root ssh"
• Next in thread: Brian ThunderEagle: "RE: Non-root ssh"
• Maybe reply: Mike Barsalou: "RE: Non-root ssh"
• Reply: Mike Barsalou: "RE: Non-root ssh"

This archive was generated by hypermail 2a23 : Tue Dec 17 2002 - 14:50:27 AKST