Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In with OpenID
Advertise on LowEndTalk.com

In this Discussion

How do you securely access multiple LEBs?

How do you securely access multiple LEBs?

diffradiffra Member
edited July 2012 in General

I'm not asking for you guys to go into too many details, but just wondering how you guys handle this? I generally have a passwordless SSH key on my truecrypt drive that I use to get into one host, which works as my IRC/shell box and has a passworded key on it that lets me into the rest of my machines. Password auth disabled all around. I can't help but think there's a better way, but it's not coming to me at the moment?

Comments

  • DamianDamian Member

    The one key for all of your other machines is stored on a single account? Or am I missing what you described?

    I am no longer affiliated with IPXcore.
  • diffradiffra Member

    Well when you put it that way it just sounds plain insecure :P

    Yes. Yes it is. I'm reinstalling a few of the machines and thought it was as good a time as any to rethink this.

  • TaylorTaylor Member

    Root, port 22 and ssh :P

    I know, I'm Dale Maily.

    Thanked by 1Jeffrey
  • SurgeSurge Member

    @diffra, instead of putting the key on that box try ssh agent forwarding and keep the key on your physical machine.

  • that's the new keychain i'm thinking about lately: http://www.cz.all.biz/img/cz/catalog/32259.jpeg

    no kidding

  • gsrdgrdghdgsrdgrdghd Member without signature

    Jus store the key to all your machines on your desktop and you'll be fine.

    Thanked by 1HalfEatenPie
  • @gsrdgrdghd said: Jus store the key to all your machines on your desktop and you'll be fine.

    This guy knows data security. I believe him.

    Catalyst Host - Pie Approved!
  • 1) Change SSH port 2) Disable all password logins 3) Private key/s on my Desktop (home computer) 4) Daily backup of ssh key/s to EncFS (encrypted) folder which gets backed up to Dropbox 5) ** If any servers need to communicate between each other, use public keys.

    (Think I copied the setup from someone here or another server blog/forum).

  • @telephone said: 1) Change SSH port 2) Disable all password logins 3) Private key/s on my Desktop (home computer) 4) Daily backup of ssh key/s to EncFS (encrypted) folder which gets backed up to Dropbox 5) ** If any servers need to communicate between each other, use public keys.

    That's pretty awesome.

    Catalyst Host - Pie Approved!
    Thanked by 1djvdorp
  • KeePass to store passwords, root, SSH, custom port (usually)

  • hmmmmhmmmm Member

    I connect to the SSH port (not 22) with PuTTY as root using a password like a real man ;)

  • vldvld Member

    I need to hack my servers every time I want to login, but I also have to patch the hole I used. I find that this keeps me in shape. /troll

  • meromero Member

    I use ssh w/ password on non-standard port and disabled root login, but thinking about using keyfiles soon... maybe storing them in a local truecrypt container. Putting the container in Dropbox is a nice idea, thanks!

  • yomeroyomero Member

    @vld said: I need to hack my servers every time I want to login, but I also have to patch the hole I used. I find that this keeps me in shape.

    Like a bosssss!!!

  • If you put a passphrase on your key, there's not much point to storing them in yet another passphrase (TrueCrypt/etc)...

    Looking for support, sysadmin, etc. work: PM
    Working on VPSM
    Thanked by 1yomero
  • CoreyCorey Member

    SSH Password w/ KeePass

    BitAccel - OpenVZ VPS / IRC,VPN,Anything Legal & Unrivaled Support!
Sign In or Register to comment.