Find the answer to your Linux question:
Results 1 to 3 of 3
Hello, I have no idea if this is possible, or if this is just a neat idea, but is there any way to log on to a linux system using ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Feb 2014
    Location
    Edmonton, AB, Canada
    Posts
    25

    Question Logging on to linux using self-signed certificate


    Hello,
    I have no idea if this is possible, or if this is just a neat idea, but is there any way to log on to a linux system using a self-signed certificate stored on a personal thumbdrive? I use Linux Mint, and as such have MDM but also use xscreensaver.

    My idea is, is there a way to be able to, when my thumbdrive is mounted (system automounts it), have the system check if my .pem is present in the root directory of the thumbdrive and if it is, unlock the desktop and if it isn't, just mount the drive as usual but not auto-authenticate? I can understand if I'd still need to log on using my password on bootup but, perhaps, is there any way to do this with xscreensaver, or any other desktop-locking software?

    I'm 50% sure that this would be tough to implement, and 75% sure that this would create unnecessary security flaws in my system, BUT, I'm just curious about whether or not this could actually be done.

    Thanks!

    Nathan

    Linux Mint 64-bit using kernel 3.11.0-17 generic

  2. #2
    Linux Guru Rubberman's Avatar
    Join Date
    Apr 2009
    Location
    I can be found either 40 miles west of Chicago, in Chicago, or in a galaxy far, far away.
    Posts
    11,558
    Assuming you mean using something like ssh, then yes you can. The steps are arduous, but possible. I have done it. First, you need to create the certificate. Then you need to access the remote system somehow in order to give it the public key (stored in the known_hosts file in your remote user accounts .ssh directory) . When you log in, you will use the private key with the -i option to ssh for your user id. You also need to be sure that the file (and directory) permissions on both systems for the .ssh directory are correct.

    Honestly, it is a pain in the farking ass! Personally, I prefer to use a VPN tunnel and just login over that normally. Much less trouble, and you can set up the openvpn tunnel to use your self-signed keys without a lot of pain and suffering.
    Sometimes, real fast is almost as good as real time.
    Just remember, Semper Gumbi - always be flexible!

  3. #3
    Just Joined!
    Join Date
    Feb 2014
    Location
    Edmonton, AB, Canada
    Posts
    25
    I have seen online in some places that this is possible on ssh; however, here I'm wondering if this is at all possible for local logins. I do like the idea of using openvpn with my self-signed key, however.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •