I have a number of Pi on tailscale and ssh in, but the ssh option needs a web browser which Android doesn't like. I use JuiceSSH

If there a way to set SSH to allow only public-key login for remote access. Anything from local allowing password

TC


... TCOB1: https://binkd.rima.ie telnet: binkd.rima.ie

--- BBBS/LiR v4.10 Toy-7
* Origin: TCOB1: https/binkd/telnet binkd.rima.ie (86:553/20)

On Tue, 6 May 2025 18:23:28 +0100
"TheCivvie" (86:553/20) <TheCivvie@f20.n553.z86.fidonet> wrote:

I have a number of Pi on tailscale and ssh in, but the ssh option
needs a web browser which Android doesn't like. I use JuiceSSH

If there a way to set SSH to allow only public-key login for remote
access. Anything from local allowing password

Not sure I understand why ssh would require a web browser and what
public key login has to do with it.


Usually to stop local passwords from being used you would edit /etc/ssh/sshd_config and change PasswordAuthentication to no and
restart your sshd.
--
End Of The Line BBS - Plano, TX
telnet endofthelinebbs.com 23
--- SBBSecho 3.24-Linux
* Origin: End Of The Line BBS - endofthelinebbs.com (86:200/30)

nelgin wrote to All <=-

On Tue, 6 May 2025 18:23:28 +0100
"TheCivvie" (86:553/20) <TheCivvie@f20.n553.z86.fidonet> wrote:

I have a number of Pi on tailscale and ssh in, but the ssh option
needs a web browser which Android doesn't like. I use JuiceSSH

If there a way to set SSH to allow only public-key login for remote
access. Anything from local allowing password

Usually to stop local passwords from being used you would edit /etc/ssh/sshd_config and change PasswordAuthentication to no and
restart your sshd.

Yup! This is "The Way".



... So easy, a child could do it. Child sold separately.
=== MultiMail/Linux v0.52
--- SBBSecho 3.24-Linux
* Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (86:200/23)

nelgin wrote to All <=-

On Tue, 6 May 2025 18:23:28 +0100
"TheCivvie" (86:553/20) <TheCivvie@f20.n553.z86.fidonet> wrote:

I have a number of Pi on tailscale and ssh in, but the ssh option
needs a web browser which Android doesn't like. I use JuiceSSH

If there a way to set SSH to allow only public-key login for remote
access. Anything from local allowing password

Not sure I understand why ssh would require a web browser and what
public key login has to do with it.

Because tailscale requires you to log in via a web browser which is ok if not using Android, not sure how IOS handles it. There is a way to turn it off but I do like the extra security it offers for non local devices.

Usually to stop local passwords from being used you would edit /etc/ssh/sshd_config and change PasswordAuthentication to no and
restart your sshd.

That turns on public-key for all log ins and therefore beats 2 of my scripts that I need to run. Maybe I need to pull the finger out and change them to use public key authenciation

TC


... TCOB1: https://binkd.rima.ie telnet: binkd.rima.ie

--- BBBS/LiR v4.10 Toy-7
* Origin: TCOB1: https/binkd/telnet binkd.rima.ie (86:553/20)

Gamgee wrote to nelgin <=-

I have a number of Pi on tailscale and ssh in, but the ssh option
needs a web browser which Android doesn't like. I use JuiceSSH

If there a way to set SSH to allow only public-key login for remote
access. Anything from local allowing password

Usually to stop local passwords from being used you would edit
/etc/ssh/sshd_config and change PasswordAuthentication to no and
restart your sshd.

Yup! This is "The Way".

Love that show ;)

TC


... TCOB1: https://binkd.rima.ie telnet: binkd.rima.ie

--- BBBS/LiR v4.10 Toy-7
* Origin: TCOB1: https/binkd/telnet binkd.rima.ie (86:553/20)