Comments on: Securing Windows Remote Desktop with CopSSH

By: DrNathan

DrNathan — Mon, 02 Nov 2009 14:48:56 +0000

Turning PasswordAuthentication to no disallows clear-text password authentication.

In our case, we want to turn off the ability to log in using clear text passwords as we are going to be using certificates for authentication instead.

If you follow the writeup completely, you will be using certificate-based authentication, which is a far more secure option.

By: Dale

Dale — Sun, 01 Nov 2009 01:02:57 +0000

Why is PaswwordAuthentication set to no, seems counterintuitive to me?

By: DrNathan

DrNathan — Wed, 29 Jul 2009 13:55:03 +0000

Glad to be of help!

By: Ivanov

Ivanov — Thu, 23 Jul 2009 07:03:56 +0000

DrNathan,
Following your superb tutorial step by step it worked for me also (remote access to my Vista Business PC). The only additional task I needed to perform was to open the chosen port for copSSH in windows firewall.
Thanks a lot for creating this quite useful page.

By: DrNathan

DrNathan — Mon, 30 Mar 2009 15:00:11 +0000

Leonardo,

Thanks for the head’s up on the Windows password, I don’t know how I forgot to add that part in the writeup. I will update it shortly.

By: Leonardo

Leonardo — Mon, 30 Mar 2009 07:47:45 +0000

Hi cool guide easy to follow … great for beginners
But i think you left out configuration of sshd.config file
without configuration .. people are still allowed to login using windows password
you need to disable the windows login method by modifying the sshd.config … only allow public and private key logon

By: Venom

Venom — Fri, 20 Mar 2009 13:18:22 +0000

Great guide!
Finally – I understand how a SSH tunnel is made.
Thanks a lot, man.

By: DrNathan

DrNathan — Tue, 30 Dec 2008 16:17:36 +0000

The CopSSH config is really set up for allowing local users to attach to a particular machine. If you really need to secure a multitude of connections, particularly for Active Directory users, I would look into a dedicated VPN solution.

By: Ania

Ania — Mon, 15 Dec 2008 19:38:11 +0000

And how would I have to set it up so it works with all the users from Active Directory??

By: Securing Windows Remote Desktop with CopSSH « Snorkle256’s Random Blog

Fri, 12 Dec 2008 17:10:12 +0000

[...] RDP sessions through an SSH tunnel and sleep a little easier at night.read more | digg [...]