Configuring OpenSSH to accept public-key authentication

Configuring OpenSSH to accept public-key authentication

To enable your OpenSSH to accept version 2 public key, you would need to modify /etc/ssh/sshd_config. You could use vi editor (or whatever editor you are familiar with) to uncomment/add/modify the following lines to /etc/ssh/sshd_config:

# the default SSH port is 22, you could alter it if necessary
Port 22

# accept version 2 keys only
Protocol 2

# NEVER allow root to login directly over the net
PermitRootLogin no
StrictModes yes
MaxAuthTries 3

# enable public-key authentication
RSAAuthentication no
PubkeyAuthentication yes

# securing your OpenSSH
# do not use host-based authentication for security reason
RhostsRSAAuthentication no
HostbasedAuthentication no
IgnoreUserKnownHosts yes
PermitEmptyPassword no

# do not allow telnet-type login for security reason
ChallengeResponseAuthentication no
PasswordAuthentication no

X11Forwarding yes
X11DisplayOffset 10

After you have made changes to /etc/ssh/sshd_config, you would need to restart the OpenSSH daemon by executing `/etc/init.d/ssh restart` (on Ubuntu).

Advertisements

Posted on September 27, 2011, in General, Uncategorized. Bookmark the permalink. Leave a comment.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: