SkyperTHC
commented
1 year ago ssh key is public. User can use this to auto-login. I'm concerned that wihtout any password that crawlers will just take over the system....
Closed SkyperTHC closed 1 year ago
SkyperTHC
commented
1 year ago ssh key is public. User can use this to auto-login. I'm concerned that wihtout any password that crawlers will just take over the system....
SSH protocol supports authentication without entering password or providing SSH key. Take a look at my
ssh ssh-j.com
It uses patched dropbear SSH server which returns SSH_MSG_USERAUTH_SUCCESS on the first authentication request. If this is implemented, the user won't need to enter "segfault" password. See https://www.rfc-editor.org/rfc/rfc4252#section-5.2 for more information.
The problem to overcome: