Date: Fri, 27 Nov 1998 19:26:13 -0500 (EST) From: "Joe \"Marcus\" Clarke" <marcus@jaguar.ir.miami.edu> To: "Randy A. Katz" <randyk@ccsales.com> Cc: questions@FreeBSD.ORG Subject: Re: Ssh Authentication Question Message-ID: <Pine.OSF.4.05.9811271915060.4999-100000@jaguar.ir.miami.edu> In-Reply-To: <3.0.5.32.19981127144002.04cae370@ccsales.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This depends on what version of ssh you're using. With 1.2.26, you must first generate a public/provate key using ssh-keygen, then, create a file ~/.ssh/authorized_keys. In this file, append the public keys fro users from other hosts you wish to trust. The way I do it is ftp the public key from one of my accounts on machine x to machine y, and vice versa. Then, on machine y, I do cat identity.x >> authorized_keys, and on machine x, cat identity.y >> authorized_keys. Voila, now you can login transparently across machines. ssh 2.0.x does thigs a little differently. You now have a ~/.ssh2 directory. You use the command ssh-keygen2 to generate ssh2 keys. This will generate a public (a file ending in .pub), and a private key. Create a file ~/.ssh2/authorization, and a ~/.ssh2/identification. The authorization file should be 644 where as the identification file should be 600. In the identification file, add the line: IdKey id_dsa_1024_a Where id_dsa_1024_a is your private key file. Then, in the authorization file, create a line for each account you wish to trust, and point it to the public key of that account. Again, ftp the public keys across to the machines. For instace, on machine x I get the public key from my account on machine y, and put the public key from machine x on machine y. Then on machine x, I add the line: Key y.pub and on machine y, I add: Key x.pub to my ~/.ssh2/authorization file. Then I can login transparently across systems. Joe Clarke On Fri, 27 Nov 1998, Randy A. Katz wrote: > Hello, > > I saw this before but can't find it. > > How do I get sshd to trust a specific host and allow the user over on that > host to execute a command without entering the password? > > Thank you, > Randy Katz > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.OSF.4.05.9811271915060.4999-100000>