1 |
On Thu, Jan 8, 2009 at 10:57 AM, Paul Hartman |
2 |
<paul.hartman+gentoo@×××××.com> wrote: |
3 |
> On Wed, Jan 7, 2009 at 6:11 PM, Dave Jones <Dave.Jones@××××××.nl> wrote: |
4 |
>> Paul Hartman wrote on 08/01/09 00:28: |
5 |
>>> Hi, |
6 |
>>> |
7 |
>>> Normally I'm using SSH with regular password login, and I've read |
8 |
>>> about generating a keypair and having a password-less connection that |
9 |
>>> way. Is there a way to require both the key AND a password? Basically |
10 |
>>> if I put the key in my SSH client at work, I don't want a co-worker to |
11 |
>>> be able to login to my home PC, or someone to grab my phone, etc. |
12 |
>>> |
13 |
>>> Is there a way to put a passphrase on the key (seperate from my user |
14 |
>>> account password)? Maybe that would work... Otherwise I've thought |
15 |
>>> about having a dummy SSH account and then "su - realuser" to get |
16 |
>>> access, but that seems kind of messy. |
17 |
>>> |
18 |
>>> I've always used password login and IP-restricted it, but now I'm |
19 |
>>> traveling more and never know what IP I might be connecting from, so |
20 |
>>> using a key seems to be the best plan, or maybesome kind of |
21 |
>>> portknocking (but that's difficult from restricted ssh environments |
22 |
>>> such as a phone). |
23 |
>>> |
24 |
>> By default ssh-keygen creates a key pair with a passphrase. It's your choice to enter or omit a passphrase. |
25 |
>> |
26 |
>> If you've generated a key without a passphrase, you can add a passphrase using ssh-keygen -p |
27 |
>> |
28 |
>> Entering a passphrase encrypts the private part of the key, which you keep only on the server. You only need the public part of the key on the client. |
29 |
>> |
30 |
>> Cheers, Dave |
31 |
> |
32 |
> It works great. Thanks everyone for your responses! |
33 |
> |
34 |
> Paul |
35 |
> |
36 |
|
37 |
Well, almost great :) |
38 |
|
39 |
I can't figure out how to get NXclient to connect. It says the key is |
40 |
corrupt or has a passphrase (which it does). Has anyone used NX with a |
41 |
key-based SSH with passphrase? |
42 |
|
43 |
Thanks, |
44 |
Paul |