How can I have passwordless login to a user when using mosh?

AnonymouseCoder · 2022-11-04 01:20:36

I want to be able to just type "mosh <user>@<ip>" and login quick.

jasonwryan · 2022-11-04 01:24:56

You would have your key stored in a keychain:
https://wiki.archlinux.org/title/SSH_keys#Keychain

AnonymouseCoder · 2022-11-04 01:33:21

No, I mean make it so that anywhere in the world (that I can mosh into it) I type "mosh <user>@<ip>" and the server logs me in, no password, also the keychain program seems to be for ssh, not mosh.

jasonwryan · 2022-11-04 04:17:32

mosh takes ssh options, so there is no reason that it can't use credentials stored in a keychain.

What sort of authentication are you imagining would stop anyone else logging in to the server without a password...

AnonymouseCoder · 2022-11-04 15:07:25

That's the point! If you are thinking the root user, I have that protected.

Trilby · 2022-11-04 15:19:06

First, this is a bad idea. Second, did I say this is a bad idea.

Given the above has been read and focusing on the direct question, "when using mosh" is irrelevant. You need to configure the server to not require a password for that user to login. The client that any-random-person uses to get access to your passwordless server is irrelevant. This should be obvious: there is nothing that can be done in a client that would allow it to login without a password to a server that required one (whether using mosh, ssh, telnet, or any other conceivable client).

You can set the user on the server to have an empty password. But before you do so, reread the first and second points above. Then, if you want to be a good sport, start another thread under "Try this" where we can get a betting pool going to see who can guess how many seconds your server will stay online before it is compromised once you enact this setting.

Last edited by Trilby (2022-11-04 15:24:53)

AnonymouseCoder · 2022-11-04 22:39:57

Ok then, thanks. Also, I know this is a bad idea, so I don't give the user shell access.

jasonwryan · 2022-11-04 22:41:24

AnonymouseCoder wrote:

Ok then, thanks. Also, I know this is a bad idea, so I don't give the user shell access.

You aren't in devops by any chance?

AnonymouseCoder · 2022-11-04 22:52:30

No, what's that?

cfr · 2022-11-05 01:01:27

DevOps? Not sure if that's the intended reference, though.

seth · 2022-11-05 06:48:31

I know this is a bad idea, so I don't give the user shell access

ayekat · 2022-11-05 16:17:48

AnonymouseCoder wrote:

Ok then, thanks. Also, I know this is a bad idea, so I don't give the user shell access.

What access/permissions are you giving the user, though?
In post #3 you do write "the server logs me in", so… the user does get something after all.

AnonymouseCoder · 2022-11-05 16:27:19

Just browsh, request stuff, terminate browsh in case of slow system, and info about stuff

seth · 2022-11-05 16:29:17

https://bbs.archlinux.org/viewtopic.php?id=279797 …

Trilby · 2022-11-05 17:12:42

Note that saying you "don't give the user shell access" is not really accurate if you've only set the default "shell" or login program to browsh. Any random joe can login to your system with `ssh user@ip /bin/sh` and have access to an interactive shell session. And if you think you are safe because it is not a root shell, I refer back to my suggestion of starting a betting pool for how long this server will last (and I've since greatly reduced the number of seconds I'd bet on).

While "enumerating badness" is a foolish approach to security, and similarly while an inability to list all the ways a non-root user could trash your system should not mean there aren't many, you may still want one: one does not need to be root or even have any skills whatsoever to run a fork bomb.

But even that aside, assuming they were really locked into just using browsh... ITS A WEB BROWSER! If you think a JS-enabled browser running on your server is a nice safe cozy place to allow random strangers, you're really quite disconnected from reality. And I don't say this to be mean (at least not as the intended goal) but potentially to save you from complete disaster... or at least save this community from trying to help you recover from that disaster.

Last edited by Trilby (2022-11-05 17:21:27)

AnonymouseCoder · 2022-11-05 17:28:10

Ok, very sorry for wasting your time. I'll lock down a bit by making a password for users, and I'll stop asking about this.

Arch Linux

#1 2022-11-04 01:20:36

How can I have passwordless login to a user when using mosh?

#2 2022-11-04 01:24:56

Re: How can I have passwordless login to a user when using mosh?

#3 2022-11-04 01:33:21

Re: How can I have passwordless login to a user when using mosh?

#4 2022-11-04 04:17:32

Re: How can I have passwordless login to a user when using mosh?

#5 2022-11-04 15:07:25

Re: How can I have passwordless login to a user when using mosh?

#6 2022-11-04 15:19:06

Re: How can I have passwordless login to a user when using mosh?

#7 2022-11-04 22:39:57

Re: How can I have passwordless login to a user when using mosh?

#8 2022-11-04 22:41:24

Re: How can I have passwordless login to a user when using mosh?

#9 2022-11-04 22:52:30

Re: How can I have passwordless login to a user when using mosh?

#10 2022-11-05 01:01:27

Re: How can I have passwordless login to a user when using mosh?

#11 2022-11-05 06:48:31

Re: How can I have passwordless login to a user when using mosh?

#12 2022-11-05 16:17:48

Re: How can I have passwordless login to a user when using mosh?

#13 2022-11-05 16:27:19

Re: How can I have passwordless login to a user when using mosh?

#14 2022-11-05 16:29:17

Re: How can I have passwordless login to a user when using mosh?

#15 2022-11-05 17:12:42

Re: How can I have passwordless login to a user when using mosh?

#16 2022-11-05 17:28:10

Re: How can I have passwordless login to a user when using mosh?

Board footer