rsnt_translations
56,420
edits
SSH Keys: Difference between revisions
Jump to navigation
Jump to search
no edit summary
No edit summary |
No edit summary |
||
| Line 182: | Line 182: | ||
restrict,from="d24-141-114-17.home.cgocable.net" ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGhczaUoV6SzR2VEf9Rp4/P9xHVU8S72CKHrwKU+Yntx | restrict,from="d24-141-114-17.home.cgocable.net" ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGhczaUoV6SzR2VEf9Rp4/P9xHVU8S72CKHrwKU+Yntx | ||
Limiting by hosts is a powerful way to minimize the danger posed by a key being compromised. In this case, the <code>restrict</code> keyword | Limiting by hosts is a powerful way to minimize the danger posed by a key being compromised. In this case, the <code>restrict</code> keyword | ||
turns off <code>pty allocation</code>, which makes an interactive session behave peculiarly. For a source-constrained interactive session | turns off <code>pty allocation</code>, which makes an interactive session behave peculiarly. For a source-constrained interactive session | ||
restrict,from="d24-141-114-17.home.cgocable.net",pty ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGhczaUoV6SzR2VEf9Rp4/P9xHVU8S72CKHrwKU+Yntx | restrict,from="d24-141-114-17.home.cgocable.net",pty ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGhczaUoV6SzR2VEf9Rp4/P9xHVU8S72CKHrwKU+Yntx | ||
allows pty allocation. | allows pty allocation. | ||
<!--T:29--> | <!--T:29--> | ||
There are a large number of these key constraints, which are documented in the sshd man page ( | There are a large number of these key constraints, which are documented in the sshd man page (<code>man sshd</code> on a Linux system). | ||
== Best practices for key pairs == <!--T:30--> | == Best practices for key pairs == <!--T:30--> | ||
| Line 232: | Line 232: | ||
<!--T:55--> | <!--T:55--> | ||
If you believe that your SSH key has been listed on the Key Revocation List in error, or if you have concerns or questions related to key revocation and access to Alliance services, contact our [[Technical support]] for assistance. They will be able to guide you through the resolution process and help ensure the continued security of your digital interactions with | If you believe that your SSH key has been listed on the Key Revocation List in error, or if you have concerns or questions related to key revocation and access to Alliance services, contact our [[Technical support]] for assistance. They will be able to guide you through the resolution process and help ensure the continued security of your digital interactions with our services. | ||
Security is of paramount importance, and swift action in response to a compromised SSH key is essential to maintain the integrity of digital research and collaboration. | Security is of paramount importance, and swift action in response to a compromised SSH key is essential to maintain the integrity of digital research and collaboration. | ||
</translate> | </translate> | ||