- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- sshd - connection between client & server
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-28-2005 08:56 PM
тАО04-28-2005 08:56 PM
I have Secure Shell version A.03.91.002 installed on my HP-UX 11.00 workstation.
I would like to configure the sshd in a matter that ONLY a client (e.g: Windows client with putty or Secure Net Term) with a private/certain key will be able to connect and recieve a prompt for a login.
Eventually to achieve a goal of which effect that clients with no such key will be denied and won't even recieve a prompt for login at all!!!
Please help, it's quite urgent.
Thanks in advance,
Tal.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-28-2005 09:04 PM
тАО04-28-2005 09:04 PM
Re: sshd - connection between client & server
Make sure it works!
Then go itu your sshd_config on the server (/opt/ssh/etc/sshd_config) and cahnge:
#PasswordAuthentication yes
to
PasswordAuthentication no
Remember to restart you sshd service after the change :-)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-28-2005 09:53 PM
тАО04-28-2005 09:53 PM
Re: sshd - connection between client & server
1. Run sshd as a service through inetd.conf (you will have to use -i option to sshd)
Then allow certain ip addresses to connect in /var/adm/inetd.sec file. Something as follows.
sshd allow ip_address1, ip_address2
2. The hp ssh comes with built in tcp wrappers. so prepare /etc/hosts deny file. (somethign as follows.)
sshd : ip_address1, ip_address2
Restart sshd.
Anil
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-28-2005 10:03 PM
тАО04-28-2005 10:03 PM
SolutionHope this helps,
-denver
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-29-2005 01:40 AM
тАО04-29-2005 01:40 AM
Re: sshd - connection between client & server
Thanks for your reply.
How do I create a key ?
ssh-keygen ?
Tal.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-29-2005 02:06 AM
тАО04-29-2005 02:06 AM
Re: sshd - connection between client & server
your host.allow should look like that:
SSHD:
to create key use ssh-keygen -t dsa if you want to logging without password prompt then just type enter when prompted for passphrase. Also after creating the key on the client you must copy the public key in the .shh/authorized_key2 of the user home directory that you want to be able to log in.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-29-2005 02:29 AM
тАО04-29-2005 02:29 AM
Re: sshd - connection between client & server
I would like only the host & the client to have a key, which means, a client that does NOT have a private key won't be able to even login....
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-29-2005 03:22 AM
тАО04-29-2005 03:22 AM
Re: sshd - connection between client & server
Here's one way I would do it.
1) setup the public/private key pair for the windows client (not sure how to do this on your windows client, but it's ssh-keygen on unix). Put the public key in the ~/.ssh/authorized_keys file on the hp-ux box.
2) setup sshd_config to only allow PublicKey Authentication type.
3) use "AllowUsers username@client" in the sshd_config
4) restart sshd
5) test login from allowed host using keys, then test from a host isn't allowed (should get permission denied)
If you deny all authentication except for PubKey, then anyone w/out the correct identiy file will get "permission denied" when they try to connect. Using the "AllowUsers" list further restricts the setup in the event that your pubkey were used form another host.
Hope this helps,
-denver
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-29-2005 08:46 AM
тАО04-29-2005 08:46 AM
Re: sshd - connection between client & server
So I have to go with AllowUser function instead.