On Wed, Nov 30, 2005 at 12:37:19PM -0800, Mike Leo wrote:
Basically we are ssh-keygen -t (dsa/rsa) the keys, copy them to the "remote" servers ~/.ssh/
what are you copying ? for example, i create my dsa keys: ~/.ssh/id_dsa ~/.ssh/id_dsa.pub then i export my pub key to the remote server: $ scp ~/.ssh/id_dsa.pub remotebox:~/ $ ssh remotebox # <- enter my pw $ cat ~/id_dsa.pub >> ~/.ssh/authorized_keys $ rm ~/id_dsa.pub $ logout $ ssh remotebox # <- no pw needed
There are conflicting doc's at this point...some say you need an ssh-agent, some don't mention it. Some use passphrases, some don't. But if i have to enter an ssh passphrase everytime, why not just use the account password?
passphrases are not required, but many people like to use them ssh-agent allows you to cache the passphrase for a certain amount of time, thus finding some ground between the 'always use pw' and the 'never use pw' ground of authentication -mike