Difference between revisions of "Authentification"
From Blue-IT.org Wiki
(Created page with "== Yubikey == == SSH == Generally: only use key based authentification with webserver logins! vim /etc/ssh/sshd_config # Authentication: [...] PermitRootLogin without-p...") |
(→SSH) |
||
| Line 2: | Line 2: | ||
== SSH == | == SSH == | ||
| − | Generally: only use key based authentification with webserver | + | Generally: only use key based authentification with your ssh-webserver login! |
vim /etc/ssh/sshd_config | vim /etc/ssh/sshd_config | ||
| − | |||
[...] | [...] | ||
PermitRootLogin without-password | PermitRootLogin without-password | ||
| Line 17: | Line 16: | ||
RhostsRSAAuthentication no | RhostsRSAAuthentication no | ||
HostbasedAuthentication no | HostbasedAuthentication no | ||
| − | + | ||
PermitEmptyPasswords no | PermitEmptyPasswords no | ||
ChallengeResponseAuthentication no | ChallengeResponseAuthentication no | ||
| Line 24: | Line 23: | ||
X11Forwarding no | X11Forwarding no | ||
UseLogin no | UseLogin no | ||
| − | + | ||
'''UsePAM no''' <<<< !!!! | '''UsePAM no''' <<<< !!!! | ||
Revision as of 07:06, 19 August 2015
Yubikey
SSH
Generally: only use key based authentification with your ssh-webserver login!
vim /etc/ssh/sshd_config
[...] PermitRootLogin without-password StrictModes yes RSAAuthentication yes PubkeyAuthentication yes IgnoreRhosts yes RhostsRSAAuthentication no HostbasedAuthentication no PermitEmptyPasswords no ChallengeResponseAuthentication no PasswordAuthentication no # <<<< !!!! X11Forwarding no UseLogin no UsePAM no <<<< !!!!