[opensuse-security] Certificate acceptance
Good afternoon. I would be grateful if someone could point me to the right site or give me some clue in this matter. Whenever I log in into my remote Linux box ( 10.2 ) the first time via SSH I will be asked to accept the certificate of that server. Is it possible to configure the server to accept only connections from selected clients based on the client's certificate? Regards Wolfgang Kluge --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org
Hi, kl schrieb:
Good afternoon.
I would be grateful if someone could point me to the right site or give me some clue in this matter.
Whenever I log in into my remote Linux box ( 10.2 ) the first time via SSH I will be asked to accept
and, hopefully, you check the certificate before accepting.
the certificate of that server. Is it possible to configure the server to accept only connections from selected clients based on the client's certificate?
Not Clients, but users. Search the manpage for authorized_keys Greetings Dirk
Regards
Wolfgang Kluge
--------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org
-- TRIA IT-consulting GmbH Joseph-Wild-Straße 20 81829 München Germany Tel: +49 (89) 92907-0 Fax: +49 (89) 92907-100 http://www.tria.de Registergericht München HRB 113466 USt.-IdNr. DE 180017238 Steuer-Nr. 802/40600 Geschäftsführer: Rosa Igl -------------------------------------------------------------------------------- Nachricht von: Dirk.Schreiner@tria.de Nachricht an: suse-security@suse.com # Dateianhänge: 0 --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org
Yes, in some way . . . http://www.howtoforge.com/ssh_key_based_logins_putty is quite a good totorial. If Your clients have static IP (or at least static range, from which they have their IP's) it is also useful to configure iptables that connections on port 22 will be granted only for trusted ip's. Anyway, it's more secure, but less comfortable. TheNewOne kl wrote:
Good afternoon.
I would be grateful if someone could point me to the right site or give me some clue in this matter.
Whenever I log in into my remote Linux box ( 10.2 ) the first time via SSH I will be asked to accept the certificate of that server. Is it possible to configure the server to accept only connections from selected clients based on the client's certificate?
Regards
Wolfgang Kluge
To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org
participants (3)
-
Dirk Schreiner
-
kl
-
TheNewOne