Date: Sun, 12 May 2002 11:33:37 +0100 From: Scott Mitchell <scott.mitchell@mail.com> To: Jonathan Chen <jonc@chen.org.nz> Cc: Darren Pilgrim <dmp@pantherdragon.org>, freebsd-questions@FreeBSD.ORG Subject: Re: How do I get SSH to not ask for my password? Message-ID: <20020512113337.A1008@fishballoon.dyndns.org> In-Reply-To: <20020512103752.A29162@grimoire.chen.org.nz>; from jonc@chen.org.nz on Sun, May 12, 2002 at 10:37:52AM %2B1200 References: <3CDD9588.96ED7F2D@pantherdragon.org> <20020512103752.A29162@grimoire.chen.org.nz>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, May 12, 2002 at 10:37:52AM +1200, Jonathan Chen wrote: > On Sat, May 11, 2002 at 03:04:56PM -0700, Darren Pilgrim wrote: > > The other day I saw a machine with SSH set up in such a way that it > > didn't ask for a password, even though there was a password on the shell > > account the user was connecting to. How is this done? > > On the local machine, generate a "identity" and "identity.pub" file using > ssh-keygen. (You don't need to do this if you already have it.) Put the > contents of "identity.pub" into the remote machine's ~/.ssh/authorized_hosts > file. ITYM ~/.ssh/authorized_keys Depending on whether you generated an RSA1, RSA or DSA key (see the -t option to ssh-keygen) you might also need to put a public key into ~/.ssh/authorized_keys2 on the server. I usually just generate all three key types -- makes life easier when you have several different SSH versions running on 4 different platforms, with subtle configuration differences. ssh-keygen should generate everything with the right permissions by default -- in particular, the private keys should be readable only by you. I have my ~/.ssh directory chmod-ed 700 as well. HTH, Scott -- =========================================================================== Scott Mitchell | PGP Key ID | "Eagles may soar, but weasels Cambridge, England | 0x54B171B9 | don't get sucked into jet engines" scott.mitchell@mail.com | 0xAA775B8B | -- Anon To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020512113337.A1008>