FreeBSD.org intrusion and how to use SSH Keys and SSH-Agent

Great excuse to write about how to use ssh keys securely by password protecting the keyfile: On Sunday 11th of November 2012 FreeBSD.org has suffered an intrusion on two machines that contained third party software (packages, ports) within the FreeBSD.org cluster. adidas en ligne For details about this read this Incident Report. avis bottes ugg As far as i can guess from the report and the news, it appears the intruder gained access to the affected systems by means of a developers ssh key that was not protected by a passphrase. [Read more…]

SSHd with FreeBSD 5.3

General Information

I ran FreeBSD 5.2 for a long time with the default SSHd and then decided to upgrade to 5.3-STABLE. adidas pas cher timberland roll top pas cher ugg classic ugg bottes bottes ugg australia pas cher asics duomax I normally use SecureCRT as my SSH client and I like password authentication. new balance femme ugg homme 2017 asics nike cortez timberland soldes ugg australia After I upgraded to 5.3, timberland discount ugg bailey bow I could no longer logon using password authentication and I had to switch to keyboard interactive. chaussure tn pour homme ffxiv gil adidas zx flux homme basket nike air jordan 1 soldes nike air max 2014 This disallowed me from logging in with sftp from remote locations which really bummed me out. new balance 574 new balance 574 nike air huarache timberland soldes nike air max thea ugg men Here is the fix I found.

[Read more…]

Chroot Users With sftp

General Information

This walkthrough will root your users to their home directory for those users you don’t want browsing all over your FreeBSD machine. adidas chaussures nike dunk chaussure adidas zx flux I would suggest doing this at your console or possibly running a script to kill all the running sshds and then starting the sshd2 deamon.

[Read more…]