LINUX.IE, website of the Irish Linux Users' Group
Tux rules!

   
Home
New Users
Articles
Download
Projects
Community
Vendors

  Print Version
Email to...
 
Archives:


planetILUG

Recent News

News Archive


Join the
ILUG
on FaceBook


Join the
ILUG
on LinkedIn


Join the
ILUG SETI
Group



















 
 :: Mailing Lists

[ILUG] openssh

[ILUG] openssh

Wesley Darlington wesley at blackstar.co.uk
Mon Feb 12 19:12:31 GMT 2001 

Howdy,

On Mon, Feb 12, 2001 at 05:39:52PM +0000, John P . Looney wrote:
> On Mon, Feb 12, 2001 at 05:37:03PM +0000, Stephen Shirley mentioned:
> > It doesn't make any difference. To do rsa authentication, you need to have
> > your key held by an agent. All that means is that when prompted for your
> > password by the agent you can just hit return. You should setup the agent
> > to run when you log into your local machine.
> 
>  But...but...I had SSH setup to not ask for a password before. And it
> worked. And there was no agent. And I don't want to use an agent, as it's
> on a pair of backend servers that no one is supposed to login to.

Every six months or so, I find myself in need of exactly this. And every
time, I find myself banging my head against this exact same brick wall
for a couple of minutes. :-)

Things like file permissions, directory permissions, what sshd_config say
and so on and so forth seem to conspire to bite me. And I seem to always
forget to run "ssh -v" *first*. Like, Duh! :-)

Anyway, .shosts files are (IMHO) more trouble than just RSA (or DSA?)
authentication. Plus, I don't entirely trust 'em... I find it best to
just ssh-keygen a keypair without a passphrase, stick it on the remote
box in an appropriate authorized_keys, make sure everything is og-rwx
over there, take a quick gander at the remote box's sshd_config file
and give it a whirl. Then I doctor the remote authorized_keys file to
only accept that passphrase from this machine.

I also find that ssh autologin problems *hate* being ignored. If you
ignore them, even for just a few minutes, they get bored and go away. *grin*

ATB,
Wesley.

More information about the ILUG mailing list
Read this without the formatting.
                                                                                                    

  

Hosted by HEAnet


 Maintained by the ILUG website team. The aim of Linux.ie is to support and help commercial and private users of Linux in Ireland. You can display ILUG news in your own webpages, read backend information to find out how. Networking services kindly provided by HEAnet, server kindly donated by Dell. Linux is a trademark of Linus Torvalds, used with permission. No penguins were harmed in the production or maintenance of this highly praised website. Looking for the Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
RSS Version
Powered by Dell