SSH client/server comms - user/password, minimal key usage

Discussion of open issues, suggestions and bugs regarding network security and data protection solution - SecureBridge
benkedon
Posts: 28
Joined: Tue 15 May 2007 12:27

Post by benkedon » Wed 30 May 2007 19:59

I want to create a common SSH server executable, installed as a service, on about 300 Win 2K servers. All of these servers are on our protected company WAN, so I'm concerned with encrypted data between machines (via SSH tunnel), but not so much about authentication between servers and client. A single client SSH machine will "talk" with all 300 servers, using a common password/user i.d.

As I want to automate the deployment/installation/startup of the SSH server executable/service on the 300 Win2k servers, I'd like to have a single encrypted user/key storage file to be deployed to all the servers, if possible.

Only one user/password will be in the storage file, i.e. the one the client SSH machine will use to authenticate with all the servers. What can I do to minimize the number of DIFFERENT keys I need to put into the common (user/key) storage file?

Dimon
Devart Team
Posts: 2910
Joined: Mon 05 Mar 2007 16:32

Post by Dimon » Fri 01 Jun 2007 15:10

You can create one private key and one user in FileStorage, and use it for all your servers.
For example, generate an RSA key with the name KeyName, which can be used as a server public key. You need to specify the key name in the KeyNameRSA property of the TScSSHServer component. Then you create a user with the name UserName and specify a password. This password will be used by all users. After that, you need to copy the file containing the generated key (KeyName.key) and the file containing the user's information (UserName.usr) to all servers.