[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Not allow users to change passwd

To: David Terrell <dbt@meat.net>
Subject: Re: Not allow users to change passwd
From: Camiel Dobbelaar <camield@inet.unisource.nl>
Date: Wed, 15 Sep 1999 14:00:39 +0200 (MET DST)
Cc: misc@openbsd.org

The passphrase is used to encrypt/decrypt the private key on the client,
when it is needed to respond to the challenge from the server.

You can configure sshd to *also* ask for the Unix password though, of
which the administrator of the server can make sure it isn't empty. Makes
logging in a bit awkward though.

--
Camiel

On Wed, 15 Sep 1999, David Terrell wrote:
> sshd never sees the remote prive key -- it just knows if it passed the 
> challenge.  This protects the private key against corrupted servers.
> 
> On Wed, Sep 15, 1999 at 12:10:17PM +0200, Tor Houghton wrote:
> > 
> > Speaking of SSH & keys, is there a way to make sure that a key has a
> > passphrase? (Or do I need to hack sshd to do this?)
> 
> -- 
> David Terrell                             | dbt@meat.net, dbt@paypal.com
> Instant Payments... Anytime... Anywhere.  | http://www.paypal.com/
> PayPal, a free service of Confinity, Inc  | http://www.confinity.com/
>

References:
- Re: Not allow users to change passwd
  - From: David Terrell <dbt@meat.net>

Prev by Date: Re: Not allow users to change passwd
Next by Date: Re: Adaptec AHA-2940U2
Prev by thread: Re: Not allow users to change passwd
Next by thread: Re: Not allow users to change passwd
Index(es):
- Date
- Thread