Just for the record, i did not have to make any changes from the default sshd_config file to get this to work. --- Chuck Anderson <cra@WPI.EDU> wrote:
Make sure public key auth is enabled on the client and server:
/etc/ssh/sshd_config:
RSAAuthentication yes PubkeyAuthentication yes AuthorizedKeysFile .ssh/authorized_keys
/etc/ssh/ssh_config:
Host * RSAAuthentication yes PubkeyAuthentication yes
(these are defaults, and so they are commented out in my files)
SSH version 1 uses RSAAuthentication, SSH version 2 uses PubkeyAuthentication.
Make sure the perms on the directories and files are tight enough (sshd checks):
chmod 700 ~/.ssh chmod 600 ~/.ssh/*
Finally, are both the server/client the same implementation of SSH? SSH.COM uses slightly different formats than OpenSSH for the public keys. ssh-keygen can convert between the formats.
i do exactly that, yet it still prompts me for a password when ssh'ing.
thoughts?
--- Mike Frysinger <vapier@gentoo.org> wrote:
On Wed, Nov 30, 2005 at 12:37:19PM -0800, Mike Leo wrote:
Basically we are ssh-keygen -t (dsa/rsa) the keys, copy them to the "remote" servers ~/.ssh/
what are you copying ? for example, i create my dsa keys: ~/.ssh/id_dsa ~/.ssh/id_dsa.pub then i export my pub key to the remote server: $ scp ~/.ssh/id_dsa.pub remotebox:~/ $ ssh remotebox # <- enter my pw $ cat ~/id_dsa.pub >> ~/.ssh/authorized_keys $ rm ~/id_dsa.pub $ logout $ ssh remotebox # <- no pw needed
There are conflicting doc's at this
say
you need an ssh-agent, some don't mention it. Some use passphrases, some don't. But if i have to enter an ssh passphrase everytime, why not just use
account password?
passphrases are not required, but many people
On Wed, Nov 30, 2005 at 01:27:54PM -0800, Mike Leo wrote: point...some the like
to use them
ssh-agent allows you to cache the passphrase for a certain amount of time, thus finding some ground between the 'always use pw' and the 'never use pw' ground of authentication -mike _______________________________________________ Wlug mailing list Wlug@mail.wlug.org http://mail.wlug.org/mailman/listinfo/wlug
_______________________________________________ Wlug mailing list Wlug@mail.wlug.org http://mail.wlug.org/mailman/listinfo/wlug
-- Chuck R. Anderson <cra@wpi.edu> / http://angus.ind.wpi.edu/~cra/ PGP Fingerprint: EBA3 A106 7C93 FA07 8E15 3AC2 C367 A0F9 49BB 5886 _______________________________________________ Wlug mailing list Wlug@mail.wlug.org http://mail.wlug.org/mailman/listinfo/wlug