Timbuktu "Secure" Connection and Certificates?

Rob Trevor - 08:04am Sep 1, 2005 PST

Does anyone have any suggestions on how to use the Secure option in Timbuktu when the target machine has "PasswordAuthentication no" in /etc/sshd_config?

I regularly use SSH to connect the two machines - but I can't get Timbuktu to connect with the secure option since it tries to use SSH via user/password rather than the security certificates installed for SSH on the two machines.

How do I get Timbuktu to use SSH with certificates rather than passwords? (Well, I guess I can build a tunnel first, say using SSH Tunnel Manager, but it would be a lot easier if the existing Timbuktu interface could do it.)

Needless to say Timbuktu tech support just pointed me to the standard "how to use" document which implicitly assumes that the target machine has "PasswordAuthentication yes" in /etc/sshd_config.

Mark as Read

atlauren (apparently) - Sep 2, 2005 12:13 am (#1 Total: 2)

via email - Practicing random acts of punditry.

Posts: 814

Re: Timbuktu "Secure" Connection and Certificates?

At 8:04 AM -0700 9/1/05, Rob Trevor wrote:
>Does anyone have any suggestions on how to use the Secure option in
>Timbuktu when the target machine has "PasswordAuthentication no" in
>/etc/sshd_config?

Netopia's Mike Silverman offers this reply, forwarded with permission...

At 11:17 PM -0500 9/1/05, Silverman, Mike wrote:
>I'm not a subscriber to Tidbits-talk, but if you want to pass this along,
>you can. Timbuktu actually does use the installed security certificate when
>the OS is configured to use it for SSH, but here's the rub -- it uses the
>key for the SSH portion of the connection, but once the tunnel is
>established, you still need to enter a password for the Timbuktu portion of
>the connection, and that password is, by default (and this is not
>configurable yet, unfortunately) your OS X user password, which is identical
>to your SSH password, were SSH configured to use passwords!
>
>Normally, when SSH is configured to use passwords, the TB2 and SSH password
>is the same, and you enter it once and it is used both to build the SSH
>tunnel and to authenticate in TB2. But, when you use SSH keys, then the
>password is still needed, but only for the TB2 part of the connection.
>
>This appears to the end user as if they still have to enter their password
>anyway, but the password is only used for the TB2 portion of the connection,
>once the SSH tunnel is established using the keys.
>
>We hope to improve the UI for this in a future version of Timbuktu and make
>things work in amore obvious and intuitive way.
>
>--
>Mike Silverman
>Netopia QA

--
Andrew Laurence
atlauren

uci.edu

Rob Trevor - Sep 30, 2005 7:44 am (#2 Total: 2)

Posts: 2

Re: Timbuktu "Secure" Connection and Certificates?

Andrew (and Mike)

A very belated thanks. (It has been a mad month and I wanted time to confirm my intial testing.)

Unfortunately, it just doesn't work for me. I can SSH using cert's into my other Mac's. I can connect to them using Timbuktu. But I can't connect using Timbuktu's secure connection. (I've tried Panther->Panther, Panther->Tiger and Panther->Jaguar.)

All I can assume is that Timbuktu is making quite a few more assumptions about the SSH connection parameters (in addition to the one you have disclosed re same user id and password).

Perhaps you might be able to suggest to Mike that Timbuktu should read the ~.ssh/config file on the client or (better yet) have its own (optional) SSH config file on BOTH the client and server????

Many thanks

Rob

TidBITS TidBITS TidBITS Talk Timbuktu "Secure" Connection and Certificates?

Timbuktu "Secure" Connection and Certificates?

Add a message