Make sure public key auth is enabled on the client and server: /etc/ssh/sshd_config: RSAAuthentication yes PubkeyAuthentication yes AuthorizedKeysFile .ssh/authorized_keys /etc/ssh/ssh_config: Host * RSAAuthentication yes PubkeyAuthentication yes (these are defaults, and so they are commented out in my files) SSH version 1 uses RSAAuthentication, SSH version 2 uses PubkeyAuthentication. Make sure the perms on the directories and files are tight enough (sshd checks): chmod 700 ~/.ssh chmod 600 ~/.ssh/* Finally, are both the server/client the same implementation of SSH? SSH.COM uses slightly different formats than OpenSSH for the public keys. ssh-keygen can convert between the formats. On Wed, Nov 30, 2005 at 01:27:54PM -0800, Mike Leo wrote:
i do exactly that, yet it still prompts me for a password when ssh'ing.
thoughts?
--- Mike Frysinger <vapier@gentoo.org> wrote:
On Wed, Nov 30, 2005 at 12:37:19PM -0800, Mike Leo wrote:
Basically we are ssh-keygen -t (dsa/rsa) the keys, copy them to the "remote" servers ~/.ssh/
what are you copying ? for example, i create my dsa keys: ~/.ssh/id_dsa ~/.ssh/id_dsa.pub then i export my pub key to the remote server: $ scp ~/.ssh/id_dsa.pub remotebox:~/ $ ssh remotebox # <- enter my pw $ cat ~/id_dsa.pub >> ~/.ssh/authorized_keys $ rm ~/id_dsa.pub $ logout $ ssh remotebox # <- no pw needed
There are conflicting doc's at this point...some say you need an ssh-agent, some don't mention it. Some use passphrases, some don't. But if i have to enter an ssh passphrase everytime, why not just use the account password?
passphrases are not required, but many people like to use them
ssh-agent allows you to cache the passphrase for a certain amount of time, thus finding some ground between the 'always use pw' and the 'never use pw' ground of authentication -mike _______________________________________________ Wlug mailing list Wlug@mail.wlug.org http://mail.wlug.org/mailman/listinfo/wlug
_______________________________________________ Wlug mailing list Wlug@mail.wlug.org http://mail.wlug.org/mailman/listinfo/wlug
-- Chuck R. Anderson <cra@wpi.edu> / http://angus.ind.wpi.edu/~cra/ PGP Fingerprint: EBA3 A106 7C93 FA07 8E15 3AC2 C367 A0F9 49BB 5886