[TCLUG] ssh PubkeyAuthentication + Password

Thu Aug 12 15:32:32 CDT 2004

When you generate the key, you can have a passphrase associated with it.

It requires the key and the passphrase. Note, this passphrase is not the
password for remote machine. 

Benjamin E. Neigebauer
Software Engineer
Compellent Technologies
Eden Prairie, MN 55344

-----Original Message-----
From: tclug-list-bounces at mn-linux.org
[mailto:tclug-list-bounces at mn-linux.org] On Behalf Of Chris Frederick
Sent: Thursday, August 12, 2004 3:18 PM
To: TCLUG Mailing List
Subject: [TCLUG] ssh PubkeyAuthentication + Password

Hey gang,

I have a question about the PubkeyAuthentication methods of ssh.  I know

you can use PubkeyAuthentication to log into a server without a 
password.  And you can also restrict it to require 
PubkeyAuthentication.  But what concerns me is if I use putty to log 
into a server from windows using my private key, and my windows machine 
gets compromised, then whoever has my putty private key file can get 
access to my server.  I could use a usb-key for storing the private key 
as well, but there's still the issue of someone stealing it or it simply

getting lost.  Is there any way to require the PubkeyAuthentication 
method, and after you pass that level, it still asks for a password?  
That way if I ever find that the Windows box has been broken into, I 
still have some level of assurance that the server is still safe (at 
least long enough for me to regenerate and set up new keys).

Thanks all,

Chris

_______________________________________________
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
Help beta test TCLUG's potential new home: http://plone.mn-linux.org
Got pictures for TCLUG? Beta test http://plone.mn-linux.org/gallery
tclug-list at mn-linux.org
https://mailman.real-time.com/mailman/listinfo/tclug-list