Start Free Trial
Come for the solution, stay for everything else.
Start Free Trial
OpenSSH on external computer?
Is it possible to use a third computer to do authentication.
This is the scenario:
Computer1 wants an SSH connection to Computer2
What happens is:
Computer1 connects to Computer3, running OpenSSH.
Computer3 authenticates Computer1 and Computer 2.
The result is an SSH connection between 1 and 2 authenticated by 3.
Is this possible?
If so, how to set it up on Ubuntu?
SSH / Telnet Software
8/22/2022 - Mon
This is not possible, SSH connections are between 2 computers. You could however login computer 3 from computer 1 and then log 'through' from there to computer 2. You are then connected from 1 to 2 via 3 but you have 2 SSH connections.
Actually you can. This is exactly how HTTPS works, it utilizes a certificate that is approved from a third party the CA (Certificate Authority).
Personally I have not done it. But there are options that allow you to do it. A simple google search for SSH using certificate will give you many articles.
HTTPS uses SSL/TLS, not SSH. Here is Ubuntu info on using SSH/OpenSSH/Keys:
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
ASKER CERTIFIED SOLUTION
Log in or sign up to see answer
Become an EE member today
7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
>> You could setup external authentication using tunnels between 2 and 3 and 1 and 3 will pass credentials it received to confirm they are valid on the third
@arnold, I'd be interested in a link or article on how to set that up :)
There is no such article that deals with the scenario, but one has to write something from scratch to function as those who authenticate against data in a DB mysql, PostgreSQL, etc.
On the remote site you will need a service that will tie into the local authentication scheme.
True HTTPS uses TLS/SSL but I was referring to the idea of utilizing certificates.
You can use SSH with x.509 certificates. If it not self signed i.e. signed from a third party then you can consider this third party the third machine suggested in the original scenario.
check these two links
to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Plans and Pricing
Certified Expert Program
© 1996-2022 Experts Exchange, LLC. All rights reserved. Covered by US Patent