You are viewing a single comment's thread from:
RE: Zero to Witness: Part 2: Connecting to the server
If you already use WSL2, the Windows Subsystem For Linux
That is a good thought. Since I communicate frequently with various servers, that would actually be very helpful.
It's strange that I haven't considered this yet...
If you have any queries about this episode
Not on the current "issue", but...
Perhaps you still intended to go into this, otherwise I would be pleased if you could briefly describe how to set up the logon to the server using a certificate so that the password logon can be deactivated.
I had tried this but could not integrate the certificate on the server in a functional way.
Sure, let's go that route :) I'd been planning to stick with password authentication just for simplicity; but there's no denying that a cert would be better.
Next ep, we'll do basic initial server hardening -- update it, add a user for daily use, set up cert auth, disable password auth and disable ssh-as-root.
When I see in the logs how often any bots try to log in there, I would like to switch off the password authentication.
Deal with the issue when it suits you. I'm in no hurry... :-)
Already got the screenies, will be posted over the weekend :)
PS: WSL2 is really great. I find myself doing a lot of day-to-day tasks in the WSL shell even for routine Windows file ops, etc. The path is set up so that you can run Windows binaries from the same environment too, it's a really nice integration.