RSA and .ppk How do I?

Phil_Garner · November 27, 2008, 5:01pm

I would like to add a password and .ppk key when using putty to access my system from my laptop. Would this make it more secure or just a waste of time. In this economical climate I am sure nobody can afford to be ripped off.

I have FreePBX 2.5.0.1 CentOS 4.7 (Final) Asterisk 1.2.26.1

Many thaks in advance.

Phil

TomS · December 10, 2008, 11:12pm

This is a 50 line script to simulate a SITE PASSWORD.
There are about 15 lines of actual code and the rest is
comments describing the execution and use of the script.
This works great for any CentOS release. I have used it
on TB and now PiaF when there is Internet exposure.
SSH scanning BOTS have a harder time thus far.
TomS

#!/bin/bash
#ident “@(#)SITE-PSWD-lite.sh Version 2.03 Tom Schmitt 2008”
#------------------------------------------------------------------------------^

Written by Tom Schmitt - [email protected]

Copyright © 1995-2008

Available under the GPL - Enjoy!

Please pass on any enhancements you make so they can be shared with all

As always - No Guarantees - Use at your own risk!

This is a subset of the actual system SITE-PSWD.sh and SSAT programs.

#------------------------------------------------------------------------------^

If you find out where to add this code for ‘scp’ access please send an email.

#------------------------------------------------------------------------------^

I M P O R T A N T !!!

Always have a ‘root’ session open in another window before changing anything.

That way you can restore it if you mis-configured /etc/profile, etc.

#------------------------------------------------------------------------------^

Place this file in /usr/bin and make the file executable:

chmod +x SITE-PSWD-lite.sh

Add this line to the end of /etc/profile:

. /etc/SITE-PSWD-lite.sh (remember the ‘.’ and a space)

#------------------------------------------------------------------------------^

Just change the matching password here:

MATCHIT=“SITe” # <=== Make it meaningful to you ===>

The correct answer to the challenge prompt is:

Enter SITE Password: SITe-<2-digit seconds on displayed time>

EXAMPLE: If the prompt showed the time as 12:48:37

Then the correct reply would be: SITe-37

This makes challenge more difficult to answer as it changes every second.

#------------------------------------------------------------------------------^

Always use SSH and not Telenet for security reasons.

#------------------------------------------------------------------------------^
D=date '+%D %T' # Date formatted to: 06/17/08 15:07:50
SEC=echo $D | cut -c16,17 # Using SEConds as part of the response
trap 1 2 3 # Block breakout from script
echo -e “\n$D” # Display the DATE & TIME again
echo -e "\nEnter SITE Password: \c"
stty -echo # Stop echo of characters entered/blind
read PSWD # Read the entered
stty echo # Resets if stty -echo was used
#------------------------------------------------------------------------------^

This is where the password is matched $MATCHIT-$SEC or

You can change the following ‘if’ statement to remove the ‘-’ as required

e.g. ${MATCHIT}${SEC}

You can change it so that you enter the SEConds first and then a ‘-’

e.g. ${SEC}-${MATCHIT}

Tailor it to you needs.

#------------------------------------------------------------------------------^
if [ “${PSWD}” != “${MATCHIT}-${SEC}” ]; then # Check Site Password
echo -e "BAD SITE PASSWORD\nGOOD BYE!"
exit 1
fi
echo -e “\n\nWelcome to the hostname server!\n”
#------------------------- END OF SITE-PASSWD-lite.sh CODE --------------------^