From owner-freebsd-questions@FreeBSD.ORG Wed Jun 1 20:38:44 2005 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 15EB116A41C for ; Wed, 1 Jun 2005 20:38:44 +0000 (GMT) (envelope-from nkinkade@fastmail.fm) Received: from out3.smtp.messagingengine.com (out3.smtp.messagingengine.com [66.111.4.27]) by mx1.FreeBSD.org (Postfix) with ESMTP id 84DA243D4C for ; Wed, 1 Jun 2005 20:38:43 +0000 (GMT) (envelope-from nkinkade@fastmail.fm) Received: from frontend2.messagingengine.com (frontend2.internal [10.202.2.151]) by frontend1.messagingengine.com (Postfix) with ESMTP id 3A2E5C96399; Wed, 1 Jun 2005 16:38:42 -0400 (EDT) X-Sasl-enc: omhPDS5XP7MMTk3sqCnWaHdO/ZIpWtxVxV8LLAmrN7Ij 1117658321 Received: from gentoo-npk.bmp.ub (unknown [206.27.244.136]) by www.fastmail.fm (Postfix) with ESMTP id 7CE95570147; Wed, 1 Jun 2005 16:38:40 -0400 (EDT) Received: from nkinkade by gentoo-npk.bmp.ub with local (Exim 4.21) id 1DdZz5-00020Q-Gd; Wed, 01 Jun 2005 14:38:39 -0600 Date: Wed, 1 Jun 2005 14:38:39 -0600 From: Nathan Kinkade To: Steven Friedrich Message-ID: <20050601203839.GH21127@gentoo-npk.bmp.ub> Mail-Followup-To: Steven Friedrich , freebsd-questions@freebsd.org References: <200506011449.45455.FreeBSD@InsightBB.com> <429E0B57.2070701@scls.lib.wi.us> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="VousOZe2B5HJrJZY" Content-Disposition: inline In-Reply-To: <429E0B57.2070701@scls.lib.wi.us> X-PGP-Fingerprint: 3FDF A406 B149 3959 A8CB C5A9 3B46 4812 D852 7E49 User-Agent: Mutt/1.5.6i Sender: Cc: freebsd-questions@freebsd.org Subject: Re: can't figure out ssh, read lots of docs... X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Nathan Kinkade List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 01 Jun 2005 20:38:44 -0000 --VousOZe2B5HJrJZY Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Jun 01, 2005 at 02:24:07PM -0500, Greg Barniskis wrote: > Steven Friedrich wrote: > >I'm trying to use scp and I get prompted for a password or passphrase fo= r=20 > >each invocation. > > > >I figure I need to figure out how to get ssh to connect without promptin= g,=20 > >but I just can't get it. I've read all the man pages and my head is=20 > >swirling. I went to the OpenSSH web site and got no further. I've been= =20 > >in the business for 28 years and can usually figure things out from man= =20 > >pages, but ssh doesn't seem to be clear enough. I've been unemployed fo= r=20 > >over a year and can't afford the OReilly book right now (which I'm=20 > >offering as my defense for asking here). > > > > (the sshd server). Since what you say you want is real transparency=20 > (no prompts), don't assign a passphrase when generating the keys. > > Greg Barniskis, Computer Systems Integrator The poster is correct in that what you probably what to do is setup public-key authentication using ssh, however, I would highly recommend that you NOT use a blank passphrase for your private key. ssh-agent, a utility that I think comes standard with the openssh package will store your passphrase for a given login session and automatically supply it for you so that you don't have to type the passphrase each time. Check the manpage for ssh-agent(1). To make it even more convenient there is nice little shell script program called keychain that will manage your passphrases for all login sessions at once. With keychain you will only have to supply your passphrase(s) once when you first login or boot your system and that's it. I don't think leaving a private key around on your system without a passphrase is a good idea, and especially if you are using it to automatically authenticate to a remote machine. Keychain is in the ports collection. http://www.gentoo.org/proj/en/keychain/ Nathan --VousOZe2B5HJrJZY Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFCnhzPO0ZIEthSfkkRAkuqAKDpLX4Gpy4kXSFKmmNXopNx5qsejQCdHquK 4jOvDrr7VYUTqw+srf/b7rE= =itOW -----END PGP SIGNATURE----- --VousOZe2B5HJrJZY--