maemo.org - Talk
Page 3 of 3 12 3
Show 40 post(s) from this thread on one page

maemo.org - Talk (https://talk.maemo.org/index.php)
-   Applications (https://talk.maemo.org/forumdisplay.php?f=41)
-   -   Problems using public key authentication in N900. (https://talk.maemo.org/showthread.php?t=35587)

strank 2009-12-13 10:22
Re: Problems using public key authentication in N900.
 
Quote:
Originally Posted by cowb0y (Post 424021)
I'm not sure of any reason to not give the user account a password (on this platform). ... I also recommend assigning a strong root password, to help insulate against generic userland exploits.

If the passwordless method described is chosen, the user MUST disable password authentication in /etc/ssh/sshd_config (or anyone connecting will be granted shell access (and presumably, soon thereafter, root)).
Amen to the strong root password! However, the method described does not allow passwordless logins, on the contrary, since "NP" is not the hash of any password, login with password is now impossible both locally (as before) and via ssh. (I just verified that by changing my sshd_config and trying.)

My reasoning for not assigning 'user' a password is to avoid any conflicts with other changes during system updates. (Extra file instead of changed file, I still have a root password hash in /etc/passwd though...)
It does not really make a big difference probably, it is, however, actually more secure than assigning a password!

Nevertheless...

Quote:
Originally Posted by cowb0y (Post 424021)
I recommend the following settings, regardless:

PermitRootLogin no
PasswordAuthentication no
... what cowb0y said.

cowb0y 2009-12-13 22:27
Re: Problems using public key authentication in N900.
 
Thanks for the clarification.


All times are GMT. The time now is 15:59.
Page 3 of 3 12 3
Show 40 post(s) from this thread on one page

vBulletin® Version 3.8.8