[NBLUG/talk] I'm getting ssh scanned! Should I be worried?

E Frank Ball frankb at frankb.us
Sat Oct 23 11:36:15 PDT 2004


On Mon, 18 Oct 2004 11:28:36 -0700, Dave Sisley <dsisley at arczip.com> wrote:
} 
} Hmmm... I'm confused (obviously).  Since the goal is to be able to log
} into my home box from a few trusted machines, I thought I needed to
} generate key pairs on each of those machines and provide the public
} key from the remote machines to my home machine.  This is done by
} appending the remote machine's public key to my home box's
} authorized_keys2 file.

Are you using openssh?  authorized_keys is the file.  authorized_keys2
was for ssh2 (as in not free ssh2, not protocol 2 with openssh, openssh
can do either protocol 1 or 2).


} Are you saying I could just have just created a pair on the home box
} and used the public key from that set?  

Yes.


} I'm not sure what you mean here.  I should consider the sonic account
} to be un-trusted?  

Yes.


} As for not keeping my private keys on an un-trusted
} machine, do you mean the private key from my home box (because that
} makes sense - that private key stays on that machine).  

Yes.


} - Or is the larger point that I should not be logging in via sonic?

Yes.


-- 

   E Frank Ball                frankb at frankb.us




More information about the talk mailing list