Hi, When i pop my mail i create a tunnel through ssh, and pop through that. Using this command "ssh -C -f me@pop.myserver -L 10110:pop.myserver:110 sleep 30" Well every time i create the tunnel i have to enter my password for the pop server. Is there a way to use ssh tools so i don't have to enter my password? I'm using kmail is that's relevant. Thanks, --Brad
On Tue, 20 Feb 2001, Brad Noyes wrote:
"ssh -C -f me@pop.myserver -L 10110:pop.myserver:110 sleep 30" Well every time i create the tunnel i have to enter my password for the pop server. Is there a way to use ssh tools so i don't have to enter my password? I'm using kmail is that's relevant.
You can setup your ssh session so that it uses certificates to authenticate you to the server, instead of using username/password conbination. THen your certificate is kept in your account in your client machine. When you connect to the server, the ssh client automatically grabs your cert., does a few operations with the server to authenticate you, and you are all set. You don't need to enter anything manually. from the security point of view, you need to keep your certificate in the client machine safe, obviously. -- Pedro Soria-Rodriguez sorrodp@alum.wpi.edu
On Tue, 20 Feb 2001, Pedro Soria-Rodriguez wrote: sorrod> You can setup your ssh session so that it uses sorrod> certificates to authenticate you to the server, instead of sorrod> using username/password conbination. THen your sorrod> certificate is kept in your account in your client sorrod> machine. When you connect to the server, the ssh client sorrod> automatically grabs your cert., does a few operations with sorrod> the server to authenticate you, and you are all set. You sorrod> don't need to enter anything manually. You should give your certificate (RSA or DSA key) a passphrase to keep it more secure. You could then use ssh-agent to cache the key in memory for the duration of a session so you don't need to enter the passphrase every time. sorrod> from the security point of view, you need to keep your sorrod> certificate in the client machine safe, obviously.
Thanks guys! i was able to get the authentication to work using ssh-agent. Thanks again. --Brad On Tuesday 20 February 2001 14:19, Charles R. Anderson wrote:
On Tue, 20 Feb 2001, Pedro Soria-Rodriguez wrote:
sorrod> You can setup your ssh session so that it uses sorrod> certificates to authenticate you to the server, instead of sorrod> using username/password conbination. THen your sorrod> certificate is kept in your account in your client sorrod> machine. When you connect to the server, the ssh client sorrod> automatically grabs your cert., does a few operations with sorrod> the server to authenticate you, and you are all set. You sorrod> don't need to enter anything manually.
You should give your certificate (RSA or DSA key) a passphrase to keep it more secure. You could then use ssh-agent to cache the key in memory for the duration of a session so you don't need to enter the passphrase every time.
sorrod> from the security point of view, you need to keep your sorrod> certificate in the client machine safe, obviously.
_______________________________________________ Wlug mailing list Wlug@mail.wlug.org http://mail.wlug.org/mailman/listinfo/wlug
participants (3)
-
Brad Noyes -
Charles R. Anderson -
Pedro Soria-Rodriguez