authorized_keys read-only.
With that done, you can type exit to disconnect from the remote machine
and return to your local machine. Then you can try running ssh again. If you
are prompted for your passphrase, you have successfully configured key-
based authentication.
If you have done all this, you have secured the current machine. But what
about every other machine? It is still possible to log in from another machine
using only a password, which means your remote machine is still vulnerable.
The solution to this is to edit the /etc/ssh/sshd_config file, which
requires super user privileges. Look for the PasswordAuthentication
line and make sure it reads no (and that it is not commented out with a #).
Save the file and run kill -HUP ‘cat /var/run/sshd.pid’ to have
sshd reread its configuration files. With that done, sshd accepts only
connections from clients with authorized keys, which stops crackers from
brute-forcing their way in.
TIP
For extra security, you are strongly encouraged to set
PermitRootLogin to no in /etc /ssh/sshd_config. When this
is set, it becomes impossible to ssh into your machine using the root
account; you must connect with a normal user account and then use su or
sudo to switch to root. This is advantageous because most brute-force
attempts take place on the root account because it is the only account that is
guaranteed to exist on a server.
Also, even if a cracker knows your user account, she has to guess both your
user password and your root password to take control of your system.
Of course, if you don’t have a root account enabled on your box, this isn’t
an issue because it is already impossible to log in directly as root. Hooray
for slightly more secure defaults in Ubuntu!Virtual Network Computing
Everything we have looked at so far in this chapter has been about remote
access using the command line, with no mention so far of how to bring up a
graphical user interface (GUI). There are several ways of doing this in
Ubuntu, some of which are listed in the “References” section, later in this
chapter. Here we discuss the GUI that is most popular with and most
preferred by the Ubuntu community and is also the GUI best supported by the