From owner-freebsd-questions@FreeBSD.ORG Fri Nov 28 23:09:51 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2BA8516A4CE for ; Fri, 28 Nov 2003 23:09:51 -0800 (PST) Received: from mail2.northnetworks.ca (dev.eagle.ca [209.167.58.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id E118A43F85 for ; Fri, 28 Nov 2003 23:09:49 -0800 (PST) (envelope-from iaccounts@northnetworks.ca) Received: from [127.0.0.1] (dev.eagle.ca [209.167.58.10]) hAT78tCn024954; Sat, 29 Nov 2003 02:08:56 -0500 (EST) (envelope-from iaccounts@northnetworks.ca) From: Steve Bertrand To: "Jerry M. Howell II" In-Reply-To: <20031128233522.A6417@jmhowell.com> References: <20031125183807.H13943@asu.edu> <20031128233522.A6417@jmhowell.com> Content-Type: text/plain Message-Id: <1070089773.13950.12.camel@ptp.northnetworks.ca> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.5 Date: Sat, 29 Nov 2003 02:09:34 -0500 Content-Transfer-Encoding: 7bit cc: freebsd-questions@freebsd.org Subject: Re: ssh issue X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: iaccounts@northnetworks.ca List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 29 Nov 2003 07:09:51 -0000 > On Tue, Nov 25, 2003 at 06:38:07PM -0700, David Bear wrote: > > running 4.7-RELEASE.. I'm trying to setup ssh pubkey auth and its not > > working.. > > > > I put my pub key in ~/.ssh/authorized_keys from system A > > > > On system B edited /etc/ssh/sshd_config with > > ====================== > > PubkeyAuthentication yes > > AuthorizedKeysFile .ssh/authorized_keys > > PasswordAuthentication no > > ===================== > > > > I chmod'd my .ssh dir as 700 on system A and B. Then restart sshd on > > system B explicitly using -f /etc/ssh/sshd_config . Ok, it sounds like you are putting the 'config' on the server side, not the client. I hope I am assuming correctly. Here is a snip from my 'config' on my client side. Note that I have two entries. Depending which network I am connected to, most of the time I can connect just using the servers hostname, and other times, must type in the entire domain name. Having an entry using each connection method (ip, hostname or FQDN) is important: ---snip--- Host host.northnetworks.ca User steve Compression no Protocol 2 RSAAuthentication yes StrictHostKeyChecking no ForwardAgent yes ForwardX11 no IdentityFile /home/steve/.ssh/xxx_dsa Host host User steve Compression no Protocol 2 RSAAuthentication yes StrictHostKeyChecking no ForwardAgent yes ForwardX11 no IdentityFile /home/steve/.ssh/xxx_dsa ---/snip--- Here's another site you can have a quick look at: http://ww3.northnetworks.ca/docs/ssh_key_auth Steve > > > > the ssh'ing into system B I'm still prompted for a password. > > > > I'm lost. Any advice. > > There are 2 ways I know to do this and the following URL shows you haw > to do both. BTW, if the remote server disallows passwordless logins it > doesn't mater how hard you try. > > http://www-uxsup.csx.cam.ac.uk/pwf-linux/intro/remote.passwordless.html > > sure it's focused on linux but it'll work just the same on freeBSD