[Ach] Fwd: SSH Pubkey authentication?

Axel Hübl axel.huebl at web.de
Mon Jan 6 16:37:58 CET 2014

Hi Lorenz,

I think promoting
> PasswordAuthentication no

is a good thing and worth to be added, too.

Should not be much longer than that option and a comment above it, I
guess. Key-creation on the client side and ssh-copy-id can be referenced
in a footnote.


On 06.01.2014 15:42, Aaron Zauner wrote:
> ---------- Forwarded message ----------
> From: *Aaron Zauner* <azet at azet.org <mailto:azet at azet.org>>
> Date: Mon, Jan 6, 2014 at 3:27 PM
> Subject: Re: [Ach] SSH Pubkey authentication?
> To: Lorenz Intichar <lorenz at intichar.at <mailto:lorenz at intichar.at>>
> Hi Lorenz,
> Lorenz Intichar wrote:
>> Dear List,
>> would you think it worth while to recommend (and/or explain) SSH
>> pubkey authentication in ACH, or would that be considered Off-Topic
>> in a crypto manual?
>> I´d like to propose SSH PubKey procedures (i.e Key Generation, open
>> SSH "PasswordAuthentication no" and PubKey Auth in IOS / ASA) as a
>> general security enhancement, but would like to get some opinions
>> about this topic (or off-topic ;-) ) first.
> That's probably not a bad idea as long as it doesn't get too verbose.
> The guide is aimed at sysadmins and most probably already know what
> public key authentication is. A short guide would be helpful though.
> Feel free to write something and open a pull request on github or the
> mailing list.
> Thanks,
> Aaron
> _______________________________________________
> Ach mailing list
> Ach at lists.cert.at
> http://lists.cert.at/cgi-bin/mailman/listinfo/ach

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3740 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20140106/5cacf27c/attachment.bin>

More information about the Ach mailing list