<HTML ><HEAD ><TITLE >User Access - letting people in</TITLE ><META NAME="GENERATOR" CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+ "><LINK REL="HOME" TITLE="VPN HOWTO" HREF="index.html"><LINK REL="UP" TITLE="Server" HREF="c224.html"><LINK REL="PREVIOUS" TITLE="Security - keeping people out" HREF="x227.html"><LINK REL="NEXT" TITLE="Restricting Users" HREF="x256.html"></HEAD ><BODY CLASS="sect1" BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#840084" ALINK="#0000FF" ><DIV CLASS="NAVHEADER" ><TABLE SUMMARY="Header navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TH COLSPAN="3" ALIGN="center" >VPN HOWTO</TH ></TR ><TR ><TD WIDTH="10%" ALIGN="left" VALIGN="bottom" ><A HREF="x227.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="80%" ALIGN="center" VALIGN="bottom" >Chapter 3. Server</TD ><TD WIDTH="10%" ALIGN="right" VALIGN="bottom" ><A HREF="x256.html" ACCESSKEY="N" >Next</A ></TD ></TR ></TABLE ><HR ALIGN="LEFT" WIDTH="100%"></DIV ><DIV CLASS="sect1" ><H1 CLASS="sect1" ><A NAME="AEN245">3.2. User Access - letting people in</H1 ><P > User access is done via ssh's authentication scheme. As stated above, this is how users get access to the system, while maintaining a high level of security. If you're not familiar with ssh, check out <A HREF="http://www.ssh.org/" TARGET="_top" >http://www.ssh.org/</A >. Note that I am using ssh version 1, not version 2. There is a big difference, notably that version 1 is free, and 2 isn't. </P ><DIV CLASS="sect2" ><H2 CLASS="sect2" ><A NAME="AEN249">3.2.1. Configuring <B CLASS="command" >sshd</B ></H2 ><P > You'll need to configure <B CLASS="command" >sshd</B >. The idea is to disable password authentication and rhosts authentication. The following options should be present in your <TT CLASS="filename" >/etc/sshd_config</TT > file. </P ><TABLE BORDER="0" BGCOLOR="#E0E0E0" WIDTH="100%" ><TR ><TD ><FONT COLOR="#000000" ><PRE CLASS="screen" > PermitRootLogin yes IgnoreRhosts yes StrictModes yes QuietMode no CheckMail no IdleTimeout 3d X11Forwarding no PrintMotd no KeepAlive yes RhostsAuthentication no RhostsRSAAuthentication no RSAAuthentication yes PasswordAuthentication no PermitEmptyPasswords no UseLogin no </PRE ></FONT ></TD ></TR ></TABLE ></DIV ></DIV ><DIV CLASS="NAVFOOTER" ><HR ALIGN="LEFT" WIDTH="100%"><TABLE SUMMARY="Footer navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" ><A HREF="x227.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" ><A HREF="index.html" ACCESSKEY="H" >Home</A ></TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" ><A HREF="x256.html" ACCESSKEY="N" >Next</A ></TD ></TR ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" >Security - keeping people out</TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" ><A HREF="c224.html" ACCESSKEY="U" >Up</A ></TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" >Restricting Users</TD ></TR ></TABLE ></DIV ></BODY ></HTML >