On 30/12/06, Timothy Murphy <tim at birdsnest.maths.tcd.ie> wrote:
> One thing I guess I've never understood
> is why it is so easy to set up an ssh connection internally,
> eg if someone brings a laptop into the house.
> My shorewall policy allows connection from LAN to firewall:
> loc $FW ACCEPT
> Does that mean ssh does not look for any authentication in this case?
No - the shorewall setting is just limiting the networks which are
allowed to *connect* to the SSH port. Connection is only the first
phase of SSH access; once you've connected, it then will go through
the configured authentication mechanisms.
If you're not asked for a password etc, it's probably because you've
put the public key of the client into the authorized_keys of the
server.
Colm
--
Colm Buckley / colm at tuatha.org / +353 87 2469146
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
