====== SSH Keys and Security ======

I highly suggest that when enabling root login in your /etc/ssh/sshd_config you follow these instructions.

1) Edit /etc/ssh/sshd_config and add the following

  * Protocol 2
  * MaxAuthTries 3
  * PermitRootLogin without-password
  * # HostKeys for protocol version 2
  * HostKey /etc/ssh/ssh_host_rsa_key
  * HostKey /etc/ssh/ssh_host_dsa_key
  * PubkeyAuthentication yes
  * AuthorizedKeysFile      .ssh/authorized_keys

The ''PermitRootLogin without-password'' will allow root login by **SSH RSA key only** and still let you access root with VM2.

Only use ''Protocol 2'' for security and make sure that ''MaxAuthTries'' is 3

When you create your SSH key with VM2 copy the ''PUBLIC KEY'' to your ''/root/.ssh/authorized_keys'' on the server you are going to connect to and chmod 600 the file.

That's it and the system is secure. You can now let VM2 to login as root by the SSH key only.

--- //[[sgrayban@gmail.com|sgrayban]] 2008/01/26 10:25//