hosted by liquidweb


Go Back   Web Hosting Talk : Web Hosting Main Forums : Hosting Security and Technology : Securing SSH issue
Reply

Forum Jump

Securing SSH issue

Reply Post New Thread In Hosting Security and Technology Subscription
 
Send news tip View All Posts Thread Tools Search this Thread Display Modes
  #1  
Old 05-19-2011, 04:55 PM
Lost Eagle Lost Eagle is online now
Web Hosting Evangelist
 
Join Date: Jul 2010
Location: Close 2 U
Posts: 497
Post

Securing SSH issue


Hi guys ...
I moved to SSH-RSA-keys method instead of the usual root-password authentication ...

but I want the SSH-RSA-keys method to login to a none SU user then I may SU ..

I created a new user "admin" with password and I add it manually to the /etc/group "wheel"

I can login as admin then su ... but the SSH-RSA-keys method not working .. I changed the private key owner.group to admin.admin

but still not ok ...
advise ?

__________________

Not as that Much Expert
I'm just a "LostEagle"
_-_-_-_-_-_-_-_-_-_-_-_-_




Sponsored Links
  #2  
Old 05-20-2011, 02:15 AM
david510 david510 is offline
Web Hosting Master
 
Join Date: Oct 2004
Location: Kerala, India
Posts: 4,708
I guess that you have missed something.

What steps were you following? You did copy the keys to the server, right?

__________________
David | www.cliffsupport.com
Affordable Server Management Solutions sales AT cliffsupport DOT com
CliffWebManager | Access WHM from iPhone and Android

  #3  
Old 05-20-2011, 03:23 PM
Lost Eagle Lost Eagle is online now
Web Hosting Evangelist
 
Join Date: Jul 2010
Location: Close 2 U
Posts: 497
ok ...

I create a user called admin
useradd admin

I grant a password:
passwd admin xxxxx

I modified the group file, /etc/group
and added him to the wheel line

i created the .ssh dir
I put their the publick key

I put the private key with my putty ...

I can login using Pu-Pr key ass root

but what i want is too login as admin the su- to be root

so, I chown the Pu-key as admin.admin

but, the admin fail to login with the key .. while the root still able to do ..


advise ... whats missing ?

__________________

Not as that Much Expert
I'm just a "LostEagle"
_-_-_-_-_-_-_-_-_-_-_-_-_


Sponsored Links
  #4  
Old 05-20-2011, 09:56 PM
ZKuJoe ZKuJoe is offline
Securing the Dragon.
 
Join Date: Feb 2007
Location: Federal Heights, CO
Posts: 1,705
Is there any error in your secure.log/auth.log/whateveryoursshlogsto.log?
Did you try using -d when logging in to see if you see any errors?
Did you set the correct permissions for your files/folders (chmod 0700 .ssh && chmod 0600 .ssh/*)?
Did you change the public key owner to admin (chown -R admin:admin .ssh)?

__________________
-Joe @ Secure Dragon LLC.
+ OpenVZ Powered by Wyvern | KVM | cPanel Hosting | Backup VPSs | LowEndBoxes | DDOS Protection
+ Florida | Colorado | Illinois | California | Oregon | Georgia | New Jersey | Arizona | Texas


  #5  
Old 05-21-2011, 02:45 AM
david510 david510 is offline
Web Hosting Master
 
Join Date: Oct 2004
Location: Kerala, India
Posts: 4,708
Make sure the permissions are set as follows. Most probably the permission on home directory (/home/admin) will be wrong.

* Permissions
authorized_keys and authorized_keys2 --> 600
.ssh --> 700
Home Directory --> 711
Keys (id_dsa,id_rsa) --> 600
Public Keys (id_dsa.pub,id_rsa.pub) --> 644

__________________
David | www.cliffsupport.com
Affordable Server Management Solutions sales AT cliffsupport DOT com
CliffWebManager | Access WHM from iPhone and Android

  #6  
Old 05-21-2011, 10:34 AM
Lost Eagle Lost Eagle is online now
Web Hosting Evangelist
 
Join Date: Jul 2010
Location: Close 2 U
Posts: 497
Using username "admin".
Server refused our key

----------
guys this was working as root access via the keys .. but i want to access as admin the su as root ..

-------
all permissions - owners are ok ...
but should I move the .ssh dir to the /home/admin ?

__________________

Not as that Much Expert
I'm just a "LostEagle"
_-_-_-_-_-_-_-_-_-_-_-_-_


  #7  
Old 05-23-2011, 08:10 AM
CoderJosh CoderJosh is offline
Web Hosting Master
 
Join Date: May 2008
Location: Germany
Posts: 675
Did you copy over .ssh/authorized_keys from root's home directory to admin's home directory?

EDIT: Don't move the entire .ssh directory, just copy or move authorized_keys and make sure the owner and file permissions are okay.

__________________
CoderJosh | Web Application Developer and Linux Server Admin
█ SysAdmin Services | WebApp Coding | Tuning | Hardening
█ Available for hire on a per-project or part-time basis | http://www.coderjosh.com/


  #8  
Old 05-23-2011, 08:40 AM
Lost Eagle Lost Eagle is online now
Web Hosting Evangelist
 
Join Date: Jul 2010
Location: Close 2 U
Posts: 497
ops ... i was missing some thing ...
thanks a lot ... its working well

i appreciate your help guys ..................

__________________

Not as that Much Expert
I'm just a "LostEagle"
_-_-_-_-_-_-_-_-_-_-_-_-_


Reply

Similar Threads
Thread Thread Starter Forum Replies Last Post
ssh issue gate2vn Hosting Security and Technology 11 07-01-2006 08:31 PM
Securing SSH: protocol SSH2 and hiding the direct access of root manuel_accu Hosting Security and Technology Tutorials 0 06-03-2006 06:20 AM
SSH Issue Pryach Dedicated Server 8 10-29-2005 03:47 PM
SSH Issue Tamranda_Ankit Hosting Security and Technology 9 08-23-2004 07:42 AM
Securing /home/sites from SSH/telnet users afriq Dedicated Server 0 10-11-2001 07:46 AM

Related posts from TheWhir.com
Title Type Date Posted


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump
Login:
Log in with your username and password
Username:
Password:



Forgot Password?
Advertisement:
Web Hosting News:



 

X

Welcome to WebHostingTalk.com

Create your username to jump into the discussion!

WebHostingTalk.com is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.


(4 digit year)

Already a member?