On Wed, May 22, 2002 at 08:50:44PM -0500, Shawn Fertch wrote: > I'm running OpenSSH 2.9p1, and would like to figure out a way to do the > following: > > 1) Prevent root from logging in directly from an SSH connection. I'm > assuming this might be possible via the hosts.deny as well as the > hosts.allow? If I set the securetty, I believe that only prevents telnet > only if console is set. Or, at least on HP's that's been my experience. > Preferably, I'd like to have a regular user log in, then su if need be. > > 2) I want to run cronjobs that do scp copies to backup remote files on > other servers. However, I'm not sure how to do this. Whenever I run > scp, I get prompted for a password. I'm assuming that by default, my > scripts will run into this issue as well. > > Could anyone point me to a place that might have documentation on this? > I believe that I will also need to upgrade my OpenSSH as there is a > vulnerability in this version. Unfortunately, I can't seem to connect to > Slack's ftp site. Anyone have any luck getting there? > You can do (1) by setting "PermitRootLogin no" in your sshd config. You can do (2) by running ssh-keygen to generate an RSA pair, then putting a copy of the public key in the authorized_keys file of the target login. The O'Reilly SSH book has these and more, and probably does a better job of explaining. :-) The ssh man pages openssh web pages (openssh.org) have good stuff too. -- trammell at el-swifto.com | 78BA 706C C5F9 9321 E7C4 933B D063 907B A88E 924B Twin Cities Linux Users Group (TCLUG) Mailing List http://www.mn-linux.org Minneapolis/St. Paul, Minnesota irc.openprojects.net #tclug