Difference between revisions of "Authentification"

From Blue-IT.org Wiki

(SSH)
(Yubikey)
Line 1: Line 1:
 
== Yubikey ==
 
== Yubikey ==
 +
 +
* https://www.yubico.com
 +
 +
Please read and make yourself familiar with OTP and the concept or '''Two Factor Authentification'''.
 +
 +
=== Personalisation Tool ===
 +
 +
You can use a ppa to install the required software in Ubuntu:
 +
 +
* https://launchpad.net/~yubico/+archive/ubuntu/stable
 +
* https://www.yubico.com/products/services-software/personalization-tools/use/
 +
 
 +
sudo apt-get install yubikey-personalization yubikey-neo-manager yubioath-desktop ykneomgr
  
 
== SSH ==
 
== SSH ==

Revision as of 07:09, 19 August 2015

Yubikey

Please read and make yourself familiar with OTP and the concept or Two Factor Authentification.

Personalisation Tool

You can use a ppa to install the required software in Ubuntu:

* https://launchpad.net/~yubico/+archive/ubuntu/stable
* https://www.yubico.com/products/services-software/personalization-tools/use/
 
sudo apt-get install yubikey-personalization yubikey-neo-manager yubioath-desktop ykneomgr

SSH

Generally: only use key based authentification with your ssh-webserver login!

vim /etc/ssh/sshd_config
[...]
PermitRootLogin without-password
StrictModes yes

RSAAuthentication yes
PubkeyAuthentication yes

IgnoreRhosts yes
RhostsRSAAuthentication no
HostbasedAuthentication no

PermitEmptyPasswords no
ChallengeResponseAuthentication no
PasswordAuthentication no # <<<< !!!!

X11Forwarding no
UseLogin no

UsePAM no  <<<< !!!!