Secure Shell
Unix (pam) authorization with required public key Aug 31 2010 06:51AM
?л?я Ско?ик (ilya skorik me) (1 replies)
Re: Unix (pam) authorization with required public key Aug 31 2010 03:43PM
Greg Wooledge (wooledg eeg ccf org) (1 replies)
Re: Unix (pam) authorization with required public key Aug 31 2010 04:34PM
Ð?лÑ?я СкоÑ?ик (ilya skorik me) (1 replies)
We each other haven't understood.

I have adjusted authorization on a public key. But only two methods:

1. The server will authorize without the password (if the key formed
without the password).

2. The client ask the key password (if the key is protected by the password).

It is necessary for me:

1. What the client is mandatory had a public key without the password
without which the server won't pass the client.

2. That at authorization the client would ask the unix password of the
user on the server.

2010/8/31 Greg Wooledge <wooledg (at) eeg.ccf (dot) org [email concealed]>:
> On Tue, Aug 31, 2010 at 10:51:08AM +0400, ???????? ???????????? wrote:
>> I want to set ssh authorization through unix/pam with mandatory public
>> key. I want will make sure that except the password the user has an
>> acknowledgement of legitimacy in the form of a public key. Thus the
>> password should be from unix/pam, not from key.
>> I tried different variants. It turned out with key and without the
>> password, or the password undertook from a key, instead of from
>> unix/pam.
> Public key authentication does not involve a password, and it does not
> involve PAM.
> If you are attempting to require the use of a passPHRASE on the private
> key, then you need to be aware that the private key is only seen by the
> ssh client, not the server. ?The server has no idea whether the key was
> passPHRASE protected or not.
> Server-side passWORDS have nothing at all to do with public key
> authentication, or with the passPHRASES that are used to protect the
> private keys.

Yours faithfully, Ilya Skorik

[ reply ]
Re: Unix (pam) authorization with required public key Sep 01 2010 05:52AM
Hans Harder (hans atbas org)


Privacy Statement
Copyright 2010, SecurityFocus