rene.klootwijk at nl.abnamro.com
2002-Apr-24 15:56 UTC
hostbased authentication and the root account
We have a problem using hostbased authentication in combination with the root account. We use hostbased authentication to hop from a 'management server' where we use strong authentication to several systems in a cluster. The management server is defined in shosts.equiv and the public key of this server is defined in ssh_known_hosts. This setup works for all users except for the root user (which is needed for maintenance scripts to work).

We've got it working for the root account by specifying the management server in the /root/.shosts file and setting the IgnoreRhosts option to no. This is not what we want; we want to ignore user-specific .shosts files, so setting the IgnoreRhosts option to yes. In the source of auth-rhosts.c, line 205, an if statement specifies that the central shosts.equiv file is only checked for accounts other than root. Why is this?

Regards,
Rene
On Wed, 24 Apr 2002 rene.klootwijk at nl.abnamro.com wrote:

> Date: Wed, 24 Apr 2002 17:56:51 +0200
> From: rene.klootwijk at nl.abnamro.com
> To: openssh-unix-dev at mindrot.org
> Subject: hostbased authentication and the root account
>
> We have a problem using hostbased authentication in combination with the
> root account. We use hostbased authentication to hop from a 'management
> server' where we use strong authentication to several systems in a cluster.
> The management server is defined in shosts.equiv and the public key of this
> server is defined in ssh_known_hosts. This setup works for all users except

The ssh_known_hosts file is a means for the client to check hostkeys when connecting to some sshd on some other system. If you put the management server's public key (sshd_host_rsa_key.pub) in the /etc/ssh_known_hosts file on the other machines, you're ensuring that you can connect to the management server from the other machines with ssh without a manual hostkey check. From what you're describing, unless I'm reading wrong, it seems like you are wanting to make ssh connections from the management server to the other machines... in which case you need all of the other machines' hostkeys installed in /etc/ssh_known_hosts on the management server.

> for the root user (which is needed for maintenance scripts to work). We've
> got it working for the root account by specifying the management server in
> the /root/.shosts file and setting the IgnoreRhosts option to no. This is
> not what we want, we want to ignore user specific shost files, so setting
> the IgnoreRhosts option to yes. In the source of auth-rhosts.c, line 205,
> an if statement specifies that the central shosts.equiv file is only
> checked for accounts other than root. Why is this?

I don't know why... but the way we do this kind of thing is to create a keypair for the root user on the management server, store the private key in a "protected" file (mode 0600, owner root, on a local disk) with no passphrase, and copy the public key to /.ssh/authorized_keys2 on each system where we want to run something as root using ssh from the management server. I think this is the preferred way, as opposed to putting a passphrase in a file that would then be used to decrypt a private key, or resorting to something like .shosts or .rhosts. I think the main reason it's preferred is because it is less (not?) susceptible to IP spoofing, assuming you can keep the hostkeys secure.

Sorry to leave your question unanswered, but I hope this helps nonetheless. ;-)

Ed

Ed Phillips <ed at udel.edu>  University of Delaware  (302) 831-6082
Systems Programmer III, Network and Systems Services
finger -l ed at polycut.nss.udel.edu for PGP public key
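The lookup order the thread describes (the system-wide equiv files are consulted only for non-root accounts, then the per-user .shosts/.rhosts only when IgnoreRhosts is no), as an added Python model that is not OpenSSH's own code; the host names and file contents are constructed, and the client host-key check against ssh_known_hosts is assumed to have already passed:

```python
# Model of the rhosts-style lookup in OpenSSH's auth-rhosts.c, run after the
# client host key was verified against ssh_known_hosts (assumed to have passed).
# Added illustration, not OpenSSH's code; all file contents are constructed.

EQUIV_FILES = ("/etc/hosts.equiv", "/etc/shosts.equiv")

def rhosts_file_permits(lines, client_host, client_user, server_user):
    """Scan 'host [user]' lines: no user field means the client user must equal
    the target account; a leading '-' on the host denies the match."""
    for raw in lines:
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        host, user = fields[0], fields[1] if len(fields) > 1 else server_user
        negated = host.startswith("-")
        if host.lstrip("-") != client_host or user != client_user:
            continue  # line does not apply to this connection
        return not negated  # first applicable line decides
    return False

def hostbased_allowed(server_user, client_host, client_user, files, ignore_rhosts):
    """files maps path -> list of lines, standing in for the filesystem."""
    args = (client_host, client_user, server_user)
    # System-wide equiv files are consulted only for non-root accounts
    # (the check the thread asks about).
    if server_user != "root":
        if any(rhosts_file_permits(files.get(p, []), *args) for p in EQUIV_FILES):
            return True
    # Per-user .shosts/.rhosts are honoured only when IgnoreRhosts is 'no'.
    if ignore_rhosts:
        return False
    home = "/root" if server_user == "root" else f"/home/{server_user}"
    return any(rhosts_file_permits(files.get(f"{home}/{n}", []), *args)
               for n in (".shosts", ".rhosts"))

# Constructed sample: 'mgmt' is trusted system-wide, and root also has the
# per-user workaround the thread describes.
SAMPLE_FILES = {
    "/etc/shosts.equiv": ["# cluster management server", "mgmt"],
    "/root/.shosts": ["mgmt"],
}

def thread_scenarios():
    """(ordinary user, root with IgnoreRhosts yes, root with IgnoreRhosts no)"""
    return (
        hostbased_allowed("alice", "mgmt", "alice", SAMPLE_FILES, True),
        hostbased_allowed("root", "mgmt", "root", SAMPLE_FILES, True),
        hostbased_allowed("root", "mgmt", "root", SAMPLE_FILES, False),
    )
```

The middle result is the thread's symptom: with IgnoreRhosts yes, root has no file left that can grant the connection, so only per-user .shosts with IgnoreRhosts no (or Ed's key-based approach) lets root in.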