From owner-freebsd-questions@FreeBSD.ORG  Fri Feb 18 19:48:29 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 2BB5316A4CE
	for <freebsd-questions@freebsd.org>;
	Fri, 18 Feb 2005 19:48:29 +0000 (GMT)
Received: from top.daemonsecurity.com (FW-182-254.go.retevision.es
	[62.174.254.182])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 99E4E43D49
	for <freebsd-questions@freebsd.org>;
	Fri, 18 Feb 2005 19:48:28 +0000 (GMT)
	(envelope-from norgaard@locolomo.org)
Received: from [192.168.0.32] (charm.daemonsecurity.com [192.168.0.32])
	by top.daemonsecurity.com (Postfix) with ESMTP id 6C205FD01F;
	Fri, 18 Feb 2005 20:48:26 +0100 (CET)
Message-ID: <42164683.8030807@locolomo.org>
Date: Fri, 18 Feb 2005 20:48:19 +0100
From: Erik Norgaard <norgaard@locolomo.org>
User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.5) Gecko/20050127
X-Accept-Language: en, en-us, da, it, es
MIME-Version: 1.0
To: dave <dmehler26@woh.rr.com>
References: <006d01c515c3$92ed5300$fb7cb941@satellite>
In-Reply-To: <006d01c515c3$92ed5300$fb7cb941@satellite>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
cc: freebsd-questions@freebsd.org
Subject: Re: ssh, sftp, and public key authentication
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Feb 2005 19:48:29 -0000

dave wrote:
> Hello,
>     I've got a machine i use public keys on to which i'm trying to ssh. When
> i created a key for this user i did not define a passphrase, yet i am being
> asked for one when i ssh in to the box. I use the command ssh -i
> <filename.pub> hostname however if i do sftp username@hostname i'm allowed
> in no questions asked.
>     Help needed!

This is typically a problem with the key not being exported properly. By 
default ssh falls back to normal password authentication. You can 
configure ssh only to allow keys for extra security.

You need to export the key to the destination host like this:

$ scp .ssh/<filename.pub> username@hostname:
$ ssh hostname
$ cat <filename.pub> >> .ssh/authorized_keys

Now since username does not have access to hostname yet, you can mail or 
send by other means the public key - it's public, not secret - and have 
the admin do

# cat <filename.pub> >> ~username/.ssh/authorized_keys

Some errors I have seen is spelling authorized_keys in british english.

-- 
Ph: +34.666334818                           web: http://www.locolomo.org
S/MIME Certificate: http://www.locolomo.org/crt/2004071206.crt
Subject ID:  A9:76:7A:ED:06:95:2B:8D:48:97:CE:F2:3F:42:C8:F2:22:DE:4C:B9
Fingerprint: 4A:E8:63:38:46:F6:9A:5D:B4:DC:29:41:3F:62:D3:0A:73:25:67:C2