Difference between revisions of "Authentification"
From Blue-IT.org Wiki
(→SSH) |
(→Yubikey) |
||
| Line 1: | Line 1: | ||
== Yubikey == | == Yubikey == | ||
| + | |||
| + | * https://www.yubico.com | ||
| + | |||
| + | Please read and make yourself familiar with OTP and the concept or '''Two Factor Authentification'''. | ||
| + | |||
| + | === Personalisation Tool === | ||
| + | |||
| + | You can use a ppa to install the required software in Ubuntu: | ||
| + | |||
| + | * https://launchpad.net/~yubico/+archive/ubuntu/stable | ||
| + | * https://www.yubico.com/products/services-software/personalization-tools/use/ | ||
| + | |||
| + | sudo apt-get install yubikey-personalization yubikey-neo-manager yubioath-desktop ykneomgr | ||
== SSH == | == SSH == | ||
Revision as of 07:09, 19 August 2015
Yubikey
Please read and make yourself familiar with OTP and the concept or Two Factor Authentification.
Personalisation Tool
You can use a ppa to install the required software in Ubuntu:
* https://launchpad.net/~yubico/+archive/ubuntu/stable * https://www.yubico.com/products/services-software/personalization-tools/use/ sudo apt-get install yubikey-personalization yubikey-neo-manager yubioath-desktop ykneomgr
SSH
Generally: only use key based authentification with your ssh-webserver login!
vim /etc/ssh/sshd_config
[...] PermitRootLogin without-password StrictModes yes RSAAuthentication yes PubkeyAuthentication yes IgnoreRhosts yes RhostsRSAAuthentication no HostbasedAuthentication no PermitEmptyPasswords no ChallengeResponseAuthentication no PasswordAuthentication no # <<<< !!!! X11Forwarding no UseLogin no UsePAM no <<<< !!!!