Hosted by Darren Kitchen and Shannon Morse. New episodes Tuesdays.
Put together by a band of IT ninjas, security professionals and hardcore gamers, Hak5 isn't your typical tech show. We take on hacking in the old-school sense, covering everything from network security, open source and forensics, to DIY modding and the homebrew scene. Then we wrap it all up with a... Read More
This time on the show, using One-Time-Passwords in Linux for SSH authentication. We cover the theory and set up our server with a Yubikey. Plus relaying without GatewayPorts, easily edit Known_Hosts, Free SSHFS in Windows and a ton more!
First and foremost, mad props to Matt Levavi who scoured forums and mailing lists to compile a simple how to. Here's the jist of setting up SSHD in Ubuntu to use authentication with a Yubikey.
mkdir ~/.yubico sudo aptitude install autoconf libtool libusb-1.0-0-dev libcurl4-openssl-dev libpam-dev
# Download Yubico-pam, Yubico-c-client, Libyubikey and Yubikey-personalization sudo autoreconf --install; ./configure; make; make install
# in each directory with Yubico-pam being last
# Get an API key and passwd from https://upgrade.yubico.com/getapikey/ sudo vi /etc/pam.d/sshd # Find PAM configuration and add: auth required pam_yubico.so id=key= debug sudo vi /etc/pam.d/common-auth
# add "debug try_first_pass" to end of auth string sudo vi /etc/ssh/sshd_config
# ensure PasswordAuthention yes and ChallengeResponseAuthentication no sudo mv /usr/local/lib/security/pam_yubico.so /lib/security sudo vi ~/yubico/authorized_yubikeys
# syntax: user:sudo touch /var/run/pam-debug.log chmod go+w /var/run/pam-debug.log sudo service ssh restart
If you're into Hak5 you'll love our new show by hosts Darren Kitchen and Shannon Morse. Check out HakTip!
Whether you're a beginner or a pro, HakTip is essential viewing for current and aspiring hackers, computer enthusiasts, and IT professionals. With a how-to approach to all things Information Technology, HakTip breaks down the core concepts, tools, and techniques of Linux, Wireless Networks, Systems Administration, and more
And let's not forget to mention that you can follow us on Twitter and Facebook. Subscribe to the show and get all your Hak5 goodies, including the infamous WiFi Pineapple over at HakShop.com. If you have any questions or suggestions please feel free to contact us at feedback@hak5.org.
10 days ago
Employers want social media passwords, US gets a #CPO, and #TheOnion! All that and more this time on #ThreatWire! http://t.co/SrZpicvnt6
13 days ago
#Installing #Solar panels, #Google #Chrome #extensions, and more on @Hak5! http://t.co/QppYLgZpi5
13 days ago
Legalizing #Internet eavesdropping, #LivingSocial is #hacked, and more on this weeks #ThreatWire! http://t.co/xyIxzy8kes
13 days ago
@thescribe I didn't! They were disabled and enabled throughout the segment. Each one has a different icon. - @Snubs
13 days ago
@myraitnetwork thank you!
28 days ago
#PGP #Encrypt your email, back up your #Gmail Account with #Ubuntu, text #messaging your #WiFi #Pineapple On #Hak5! http://t.co/KSZeO4GEPU
