Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


How do you securely access multiple LEBs?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

How do you securely access multiple LEBs?

diffradiffra Member
edited July 2012 in General

I'm not asking for you guys to go into too many details, but just wondering how you guys handle this? I generally have a passwordless SSH key on my truecrypt drive that I use to get into one host, which works as my IRC/shell box and has a passworded key on it that lets me into the rest of my machines. Password auth disabled all around. I can't help but think there's a better way, but it's not coming to me at the moment?

Comments

  • DamianDamian Member

    The one key for all of your other machines is stored on a single account? Or am I missing what you described?

  • diffradiffra Member

    Well when you put it that way it just sounds plain insecure :P

    Yes. Yes it is. I'm reinstalling a few of the machines and thought it was as good a time as any to rethink this.

  • TaylorTaylor Member

    Root, port 22 and ssh :P

    Thanked by 1Jeffrey
  • SurgeSurge Member

    @diffra, instead of putting the key on that box try ssh agent forwarding and keep the key on your physical machine.

  • that's the new keychain i'm thinking about lately:
    http://www.cz.all.biz/img/cz/catalog/32259.jpeg

    no kidding

  • Jus store the key to all your machines on your desktop and you'll be fine.

    Thanked by 1HalfEatenPie
  • @gsrdgrdghd said: Jus store the key to all your machines on your desktop and you'll be fine.

    This guy knows data security. I believe him.

  • 1) Change SSH port
    2) Disable all password logins
    3) Private key/s on my Desktop (home computer)
    4) Daily backup of ssh key/s to EncFS (encrypted) folder which gets backed up to Dropbox
    5) ** If any servers need to communicate between each other, use public keys.

    (Think I copied the setup from someone here or another server blog/forum).

  • @telephone said: 1) Change SSH port

    2) Disable all password logins
    3) Private key/s on my Desktop (home computer)
    4) Daily backup of ssh key/s to EncFS (encrypted) folder which gets backed up to Dropbox
    5) ** If any servers need to communicate between each other, use public keys.

    That's pretty awesome.

    Thanked by 1djvdorp
  • PacketVMPacketVM Member, Host Rep

    KeePass to store passwords, root, SSH, custom port (usually)

  • hmmmmhmmmm Member

    I connect to the SSH port (not 22) with PuTTY as root using a password like a real man ;)

  • vldvld Member

    I need to hack my servers every time I want to login, but I also have to patch the hole I used. I find that this keeps me in shape.
    /troll

  • meromero Member

    I use ssh w/ password on non-standard port and disabled root login, but thinking about using keyfiles soon... maybe storing them in a local truecrypt container.
    Putting the container in Dropbox is a nice idea, thanks!

  • yomeroyomero Member

    @vld said: I need to hack my servers every time I want to login, but I also have to patch the hole I used. I find that this keeps me in shape.

    Like a bosssss!!!

  • If you put a passphrase on your key, there's not much point to storing them in yet another passphrase (TrueCrypt/etc)...

    Thanked by 1yomero
  • CoreyCorey Member

    SSH Password w/ KeePass

Sign In or Register to comment.