Am 16.07.20 um 18:22 schrieb Jyoti Kumar:
Now I want to login broker server through ssh .pem key, how to do that ? I am using x2go client in Windows 7.
You don't. ;)
X2GoClient on Windows can read OpenSSH Private Key files, and it can work with pageant.exe, which in turn can read PuTTY-style SSH Private Key files.
If I share user id and password of broker server to anyone, he can login through Putty or any Terminal via " ssh 192.168.0.19 " as well as through x2go client. It seems risky .
How to secure it ? Is there a way to disable putty or terminal access of ssh and allow only through x2go client.
X2Go is not a security mechanism, X2Go is a remote desktop/remote application tool. You need to use the standard Linux security mechanisms to lock down your system. However, I would guess it's near impossible to lock it down in a way that login via SSH to a shell is blocked, but X2Go still works.
If you want to increase security against people that are not supposed to be using your server, that can be done with 2FA (either SSH keyfiles, or various OTP methods). But blocking a legitimate user from running the shell, while still allowing X2Go ... no.
A longer explanation why this won't work, and why this is the wrong way to solve your issue, can be found in this bug report from a while ago: <https://bugs.x2go.org/cgi-bin/bugreport.cgi?bug=1465>
-Stefan
-- BAUR-ITCS UG (haftungsbeschränkt) Geschäftsführer: Stefan Baur Eichenäckerweg 10, 89081 Ulm | Registergericht Ulm, HRB 724364 Fon/Fax 0731 40 34 66-36/-35 | USt-IdNr.: DE268653243