Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision | Next revision Both sides next revision | ||
|
ssh [2015/06/01 17:30] steve |
ssh [2015/06/01 17:31] steve |
||
|---|---|---|---|
| Line 3: | Line 3: | ||
| * [[dropbear]] | * [[dropbear]] | ||
| * [[OpenSSH]] | * [[OpenSSH]] | ||
| - | |||
| - | ==== Policy ==== | ||
| - | |||
| - | Users need to be in ''ssh-users'' group to be granted SSH access to a server. | ||
| - | |||
| - | Root access through SSH is denied. | ||
| - | |||
| - | Public-key authentication is the only login method. | ||
| - | |||
| - | On systems where we have root access, a ''dtrike'' account will be created. This user will have root access through sudo. The user will also allow anyone with a public key access. | ||
| - | |||
| - | For clients who want to have access without public keys, a second SSH server will be run on port 222 (dropbear) with IP address restriction. | ||
| === Managing Keys === | === Managing Keys === | ||
