From owner-freebsd-questions@FreeBSD.ORG Sun Oct 17 21:45:55 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C83BC16A4CE for ; Sun, 17 Oct 2004 21:45:55 +0000 (GMT) Received: from web53306.mail.yahoo.com (web53306.mail.yahoo.com [206.190.39.235]) by mx1.FreeBSD.org (Postfix) with SMTP id 5718643D45 for ; Sun, 17 Oct 2004 21:45:55 +0000 (GMT) (envelope-from non_secure@yahoo.com) Message-ID: <20041017214554.30558.qmail@web53306.mail.yahoo.com> Received: from [24.94.23.114] by web53306.mail.yahoo.com via HTTP; Sun, 17 Oct 2004 14:45:54 PDT Date: Sun, 17 Oct 2004 14:45:54 -0700 (PDT) From: Joe Schmoe To: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Subject: passwordless ssh logins _STILL_ not working - help needed. X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Oct 2004 21:45:55 -0000 I am trying to allow _all users_ on CLIENT to login to SERVER without a password. IMPORTANT: I am not interested in user keys _at all_ - at no point in this process should I ever be dealing with any keys in /home/user/.ssh - I am only interested in doing this with HOST keys - where I copy one key between SERVER and CLIENT, and _all_ users on CLIENT can login to SERVER without a password. Don't even mention user keys. My /etc/sshd/sshd_config is exactly the same on both SERVER and CLIENT: #VersionAddendum FreeBSD-20020629 #Port 22 #Protocol 2,1 #ListenAddress 0.0.0.0 #ListenAddress :: # Authentication: IgnoreRhosts yes #RhostsRSAAuthentication no HostbasedAuthentication yes IgnoreUserKnownHosts yes ChallengeResponseAuthentication no Further, SERVER has CLIENT in its /etc/hosts.equiv, and CLIENT has SERVER in its /etc/hosts.equiv Finally, I have copied the output of /etc/sshd/ssh_host_rsa_key.pub on each system to /etc/ssh/known_hosts on the other system. The permissions on /etc/ssh/known_hosts on each system are: 2 -rw-r--r-- 1 root wheel So that's it. The options are set in sshd_config, the keys have been exchanged, hosts.equiv are populated and permissions are correct. SO now I go to CLIENT and run: ssh user@SERVER and I get a password prompt!!! So what am I doing wrong ? Again - NO user keys are used and I am not interested in user keys _AT ALL_. DOn't even mention the /home/user/.ssh directory. The goal here is to share one public key between SERVER and CLIENT and allow _all_ users on CLIENT to log into SERVER without a password. So what am I doing wrong ? thanks. _______________________________ Do you Yahoo!? Declare Yourself - Register online to vote today! http://vote.yahoo.com