George MacKerron: code blog

GIS, software development, and other snippets

iPhone + public key SSH authentication: lovely

I’ve been unhappy for a while about running the SSH daemon on my web server VPSs with password authentication enabled. Of course, it’s on a non-standard port, blocks root logins, and takes a strong-ish password… but the risk of a successful dictionary attack has still felt too non-zero for comfort.

Equally, though, I’ve not wanted to give up the ability to log in to the servers from anywhere to fix things in an emergency, so I didn’t want to turn password authentication off and rely on public keys alone.

Until now, that is. I realised yesterday that, since I have iSSH on the iPhone, which does public key authentication, I can log into my servers from anywhere, even with password authentication turned off. Granted, doing anything serious on a tiny screen and slow connection is difficult. But all I actually need to be able to do from there is temporarily turn password authentication back on.

And to make this easy, I’ve put two ultra-simple scripts in ~/bin:

pwd_login_on.sh

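#!/bin/bash
# Enable password logins: flip the directive (the old file is kept as
# sshd_config.previous), then restart sshd so the change takes effect.
sudo sed -r -e 's/^PasswordAuthentication no$/PasswordAuthentication yes/' \
  -i.previous /etc/ssh/sshd_config
sudo /etc/init.d/ssh restart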

pwd_login_off.sh

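#!/bin/bash
# Disable password logins again: flip the directive back (the old file is
# kept as sshd_config.previous), then restart sshd.
sudo sed -r -e 's/^PasswordAuthentication yes$/PasswordAuthentication no/' \
  -i.previous /etc/ssh/sshd_config
sudo /etc/init.d/ssh restart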

(These paths are suitable for Ubuntu 8.04).

Lovely.
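
A more defensive version of the same toggle, as an added example that is not part of the original post: it fails when no active PasswordAuthentication line is found instead of silently changing nothing, and it validates the edited file with sshd -t before that file replaces the live config. The function name set_password_auth and the SSHD_CHECK override are assumptions made for this example.

```bash
#!/bin/bash
# Added example, not the post's script. Run as root, for instance:
#   sudo ./set_password_auth.sh no      (script name is hypothetical)
# SSHD_CHECK is an assumed override for the validation command.

set_password_auth() (
  value="$1"
  config="${2:-/etc/ssh/sshd_config}"
  case "$value" in
    yes|no) ;;
    *) echo "usage: set_password_auth yes|no [config]" >&2; exit 2 ;;
  esac
  [ -r "$config" ] || { echo "cannot read $config" >&2; exit 1; }

  tmp="$(mktemp)" || exit 1
  trap 'rm -f "$tmp"' EXIT

  # Rewrite every active directive (including any inside Match blocks),
  # tolerating indentation, trailing whitespace and keyword case.
  # Commented-out lines are left untouched. Exit 3 if nothing matched,
  # where the exact-match sed would exit 0 and change nothing.
  awk -v v="$value" '
    tolower($1) == "passwordauthentication" {
      print "PasswordAuthentication " v; n++; next
    }
    { print }
    END { exit (n ? 0 : 3) }
  ' "$config" > "$tmp" || {
    echo "no active PasswordAuthentication line in $config" >&2
    exit 3
  }

  # Validate the candidate before it replaces the live file, so a broken
  # config never reaches the restart.
  ${SSHD_CHECK:-sshd -t -f} "$tmp" || {
    echo "candidate config failed validation; $config unchanged" >&2
    exit 4
  }

  cp -p "$config" "$config.previous" &&
    cat "$tmp" > "$config"   # overwrite in place: keeps owner and mode
)

# Only act when called with arguments; restart as in the post (Ubuntu 8.04).
if [ "$#" -gt 0 ]; then
  set_password_auth "$@" && /etc/init.d/ssh restart
fi
```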


Written by George

May 28th, 2009 at 2:03 pm

Posted in System admin

  • Rajendra

    Hi,

    We are working on an iPhone application in which we need to use SSH
    integration using libssh2. We can connect to the remote server using a password, but we can’t work out how to connect
    to a remote server that uses private key and
    public key authentication. Actually, we want to connect to an Amazon EC2 instance using key
    authentication.

    So can you please provide us with some more details on how to connect to it? Also, it
    would be better if you could provide us with some sample source code, so we can get
    a better understanding.

    We can connect to the AWS instance via the Mac terminal using the command below.

    ssh -i (keyFilePath) username@(domainname or IP)

    But unfortunately, we can’t connect using Xcode.