From owner-freebsd-questions  Fri Jun 21  9:21:10 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from mailgate.jadeb.com (mailgate.jadeb.com [62.49.93.66])
	by hub.freebsd.org (Postfix) with ESMTP id EFA2637B417
	for <freebsd-questions@freebsd.org>; Fri, 21 Jun 2002 09:20:39 -0700 (PDT)
Received: from jadeb.com (firewall.jadeb.com [192.168.254.2])
	by mailgate.jadeb.com (Postfix) with ESMTP id 295E846D7E
	for <freebsd-questions@freebsd.org>; Fri, 21 Jun 2002 17:23:36 +0000 (GMT)
Received: from nettle by jadeb.com with local (RemoteNB 1.54beta1)
          for freebsd-questions@freebsd.org; 21 Jun 2002 17:20:33 +0000
Date: Fri, 21 Jun 2002 17:20:33 GMT
From: Daniel Barron <nettle@jadeb.com>
To: freebsd-questions@freebsd.org
Subject: Re: ssh keys and rsync
Message-ID: <05102b4a4b.nettle@jadeb.com>
References: <45231c4a4b.nettle@jadeb.com> <m2vg8cabrf.fsf@set.ehsrealtime.com>
In-Reply-To: <m2vg8cabrf.fsf@set.ehsrealtime.com>
X-Organization: Jades Domain
User-Agent: Messenger-Pro/2.60 (RemoteNB/1.54beta1) (RISC-OS/4.29)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

In message <m2vg8cabrf.fsf@set.ehsrealtime.com>
          Wayne Pascoe <freebsd@penguinpowered.org.uk> wrote:

> Daniel Barron <nettle@jadeb.com> writes:
> 
> > Then that was it I could just 'ssh someserver' and be logged in. 
> > Someserver is a SunOS 4.8.
> > 
> > I tried the same on the FreeBSD box and it always asked me for a
> > password. I also tried without the -t dsa.
> 
> Is it asking you for a password or a passphrase? There are differences.

Yes I know.  Password.

> Have you added the key that belongs to the user you wish to ssh as to the
> authorized_keys (or for ssh V2 authorized_keys2) file of the user that you
> wish to ssh to ?

Yes, tried both.

> 
> EG. wayne on box a wants to ssh to web on box b. wayne on box a generates a
> ssh key. The sysadmin then adds the contents of wayne's public key to
> /export/home/web/.ssh/authorized_keys2 on box b.

I'm just starting with ~/.ssh for now and will move on to /path/to/web once
I can simply ssh without password or passphrase.

> 
> > BTW, I know blank passphrases are bad, but how would I connect without
> > any user intervention?
> 
> You can use ssh-agent where you enter the passphrase once at startup, and
> then ssh uses the running agent to authenticate against requests.

I saw info on that but had no sucess.  However it seems to be for interactive
use rather than crontab-ed.

-- 
Daniel Barron
(Visit http://dansguardian.org/ - True web content filtering for all)


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message