Date: Sat, 28 Nov 1998 22:20:34 -0800 From: "Randy A. Katz" <randyk@ccsales.com> To: "Joe \"Marcus\" Clarke" <marcus@jaguar.ir.miami.edu> Cc: questions@FreeBSD.ORG Subject: Re: Ssh Authentication Question Message-ID: <3.0.5.32.19981128222034.04393430@ccsales.com> In-Reply-To: <Pine.OSF.4.05.9811271915060.4999-100000@jaguar.ir.miami.ed u> References: <3.0.5.32.19981127144002.04cae370@ccsales.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Thank you, this is a very clear explanation of how to do it...and it works! At 07:26 PM 11/27/98 -0500, Joe \"Marcus\" Clarke wrote: >This depends on what version of ssh you're using. With 1.2.26, you must >first generate a public/provate key using ssh-keygen, then, create a file >~/.ssh/authorized_keys. In this file, append the public keys fro users >from other hosts you wish to trust. The way I do it is ftp the public key >from one of my accounts on machine x to machine y, and vice versa. Then, >on machine y, I do cat identity.x >> authorized_keys, and on machine x, >cat identity.y >> authorized_keys. Voila, now you can login transparently >across machines. > >ssh 2.0.x does thigs a little differently. You now have a ~/.ssh2 >directory. You use the command ssh-keygen2 to generate ssh2 keys. This >will generate a public (a file ending in .pub), and a private key. Create >a file ~/.ssh2/authorization, and a ~/.ssh2/identification. The >authorization file should be 644 where as the identification file should >be 600. In the identification file, add the line: > >IdKey id_dsa_1024_a > >Where id_dsa_1024_a is your private key file. Then, in the authorization >file, create a line for each account you wish to trust, and point it to >the public key of that account. Again, ftp the public keys across to the >machines. For instace, on machine x I get the public key from my account >on machine y, and put the public key from machine x on machine y. Then on >machine x, I add the line: > >Key y.pub > >and on machine y, I add: > >Key x.pub > >to my ~/.ssh2/authorization file. Then I can login transparently across >systems. > >Joe Clarke > >On Fri, 27 Nov 1998, Randy A. Katz wrote: > >> Hello, >> >> I saw this before but can't find it. >> >> How do I get sshd to trust a specific host and allow the user over on that >> host to execute a command without entering the password? >> >> Thank you, >> Randy Katz >> >> To Unsubscribe: send mail to majordomo@FreeBSD.org >> with "unsubscribe freebsd-questions" in the body of the message >> > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.5.32.19981128222034.04393430>