Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 13 Sep 2001 12:33:34 +0300
From:      Odhiambo Washington <wash@wananchi.com>
To:        George Reid <greid@FreeBSD.org>
Cc:        FBSD-Q <freebsd-questions@freebsd.org>
Subject:   Re: SSH Password Authentication...
Message-ID:  <20010913123334.K86225@ns2.wananchi.com>
In-Reply-To: <20010913023125.A190@FreeBSD.org>
References:  <IAEKKLIOEBMAKJIIGEBBKEJGCDAA.ecrim@earthlink.net> <NFBBJPHLGLNJEEECOCHAEEMNCCAA.deuce@lordlegacy.org> <20010912114309.K6733@ns2.wananchi.com> <20010913023125.A190@FreeBSD.org>

next in thread | previous in thread | raw e-mail | index | archive | help

--6TrnltStXW4iwmi0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

* George Reid <greid@FreeBSD.org> [20010913 04:31]: writing on the subject =
'Re: SSH Password Authentication...'
| On Wed, Sep 12, 2001 at 11:43:09AM +0300, Odhiambo Washington wrote:
|=20
| > This works for others, but ++NEVER++ worked for me.
|=20
| You probably have the wrong permissions on ~/.ssh on the remote machine.
|=20

Hi George,

I actually managed to get this thing working yesterday and even as I posted=
 and trolled on the list that this
thing did not work, I was actually doing the very correct thing, except at =
a miniature step where things didn't seem
right. I could attribute that to the man pages, since we all differ in the =
way we present a view.
Here is the section of the manual that I seemed not to understand well but =
now makes so much sense.

##
AUTHORIZED_KEYS FILE FORMAT
     The $HOME/.ssh/authorized_keys file lists the RSA keys that are permit=
ted
     for RSA authentication in SSH protocols 1.3 and 1.5 Similarly, the
     $HOME/.ssh/authorized_keys2 file lists the DSA keys that are permitted
     for DSA authentication in SSH protocol 2.0.  Each line of the file con-
     tains one key (empty lines and lines starting with a `#' are ignored as
     comments).  Each line consists of the following fields, separated by
     spaces: options, bits, exponent, modulus, comment.  The options field =
is
     optional; its presence is determined by whether the line starts with a
     number or not (the option field never starts with a number).  The bits,
     exponent, modulus and comment fields give the RSA key; the comment fie=
ld
     is not used for anything (but may be convenient for the user to identi=
fy
     the key).
##


The mistake that I was doing was like this (on the remote machine)

cd .ssh/
cp identity.pub authorized_keys


=2E.instead of

cat identity.pub > authorized_keys


One thing that I am yes to understand though is:

1. Is it better to use DSA or RSA
2. If I have authorized_keys and authorized_keys2, how does ssh make the de=
cision on what to use?
3. I realize that when I make a key with a passphrase then I have to be the=
re to manually enter it if I wanted a task to
   complete in my absence. Is there a way to circumvent this other than mak=
e keys without a passphrase?

Other than those questions I must say I am so happy it's working.


TIA

-Wash

--
Odhiambo Washington
Wananchi Online Ltd.,
wash@wananchi.com 1st Flr Loita Hse.
Tel: 254 2 313985 Loita Street.,
Fax: 254 2 313922 PO Box 10286,00100-NAIROBI,KE.

Not many men have both good fortune and good sense.=20
-Titus Livy=20

--6TrnltStXW4iwmi0
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE7oH1un7LIsuxjem8RAiBuAJ9uoeMxHsjk+iY07sCqeaUx4kBrVwCglD/s
8FMbb/7HCC8rkYSFPOzy+vI=
=LPTt
-----END PGP SIGNATURE-----

--6TrnltStXW4iwmi0--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010913123334.K86225>