Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- Re: openSSH, SecureCRT, RSA
- Darren Tucker
December 19, 2004, 11:26 pm
rate this thread
That would be bad. Does your account have no password, and is
PermitEmptyPasswords set to yes in sshd_config?
I suspect this is the case and those clients are being permitted via the
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
- Richard E. Silverman
December 20, 2004, 5:42 am
Re: openSSH, SecureCRT, RSA
Before I connect using SecureCRT and RSA, everything works as normal (3rd
party can't get in). After authenticating with SecureCRT and RSA, anybody
can sign in, even without the appropriate key.
The behavior is key specific. If I generate two keys and include them both
in my authorized_keys file, and log in with SecureCRT, I can fix the problem
by deleting the key I signed in with.
And yes, the account has a password, and no, PermitEmptyPasswords is set to
- » protocol question - issue with exit-status inside unfinished data stream?
- — Newest thread in » Secure Shell Forum