[bitfolk] Disabling password auth for Xen Shell

Top Page
Author: Andy Smith
Date:  
To: announce
Subject: [bitfolk] Disabling password auth for Xen Shell

Reply to this message
gpg: Signature made Tue Jan 1 04:59:09 2019 UTC using DSA key ID BF15490B
gpg: Good signature from "Andy Smith <andy@strugglers.net>"
gpg: aka "Andrew James Smith <andy@strugglers.net>"
gpg: aka "Andy Smith (UKUUG) <andy.smith@ukuug.org>"
gpg: aka "Andy Smith (BitFolk Ltd.) <andy@bitfolk.com>"
gpg: aka "Andy Smith (Linux User Groups UK) <andy@lug.org.uk>"
gpg: aka "Andy Smith (Cernio Technology Cooperative) <andy.smith@cernio.com>"
Hi,

There's a long-standing request to implement a way for customers to
disable password authentication on their Xen Shell SSH accounts
(i.e. ssh username@???):

    https://tools.bitfolk.com/redmine/issues/116


This has now been implemented¹, so if you go to:

    https://panel.bitfolk.com/account/security/#toc-allow-xen-shell-ssh-access-by-password


you can set that if you wish. You will first need to have added at
least one SSH public key, as that is the only way you'll be able to
log in to the Xen Shell after that.

I don't anticipate many people using this or it changing frequently,
so I haven't bothered to implement immediate update of our SSH
config. Instead you might have to wait up to 30 minutes for the
sshd_config on the host machine to actually be updated.

The other already existing way to further secure your Xen Shell
login is to use 2 factor authentication, as described on the same
page. Enabling that will require you to supply a code from a TOTP
app such as Google Authenticator, 1Password, etc.

Cheers,
Andy

¹ 11 days short of 5 years since it was requested, woohoo!

--
https://bitfolk.com/ -- No-nonsense VPS hosting
_______________________________________________
announce mailing list
announce@???
https://lists.bitfolk.com/mailman/listinfo/announce