[X2Go-User] Using Encrypted Home & Passwords
senrabdet at aol.com
senrabdet at aol.com
Wed Mar 14 13:44:10 CET 2012
Hi All:
We're experimenting with a couple of things:
1) Using x2go Encrypted Home partitions.
2) Requiring use of a log in password in addition to SSH keys.
Q:
1) There seems to be some merit in requiring a login password in addition to an ssh key. While it is nice to be able to connect without a password, if a windows laptop is compromised or stolen (and we realize nothing is foolproof), can't someone steal the key have have full access to a user's account? Requiring the user to enter a password at login seems to start to address this.
What do people think? Would this be an enhanced, "yes that makes" sense sort of approach? Other, better approaches (would prefer not to require fobs or physical key devices).
2) We haven't been able by changing settings is sshd_config to force a password request - is that something we'd do in creating the ssh keys? We are using Ubuntu Server 10.4 and have seen some things on Google searches that suggest OpenSSH actually doesn't allow you to force the use of a password....
3) If we encrypted the home partition, the x2go connection fails but then we can connect by entering the login password. We can get around this by creating a link to a folder outside of the encrypted partition with the authorized_key, but are know starting to think maybe we want to require the password for login.
Is there a way to go right to the x2go "Loginin" screen (the one you get is you show enter a path to ssh keys) so when a user starts the Windows Client, they see that screen to enter a log in password?
Thanks,
Ted
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.x2go.org/pipermail/x2go-user/attachments/20120314/ec17f174/attachment.html>
More information about the x2go-user
mailing list