Skip site navigation (1)Skip section navigation (2) 
Date:      26 Nov 2000 21:32:15 -0600
From:      tayers@bridge.com
To:        questions@FreeBSD.ORG
Subject:   Help Understanding SSH 
Message-ID:  <m3itpaum2o.fsf@tim.bridge.com>
next in thread | raw e-mail | index | archive | help 

I have just installed two machines with FreeBSD 4.1.1. I'm trying to
set up SSH for my account (not root). When I installed FreeBSD I set
the security level to "medium" so I could telnet in while I figure
things out. It appears that the sshd for the "medium" setting uses
SSH1. Does the "high" security setting use SSH2? Should I care?

So far I have done the following to allow ssh connections from host A
to host B.

  * I ran 'ssh-keygen' on host A. I accepted the default file names. I
    entered a pass phrase when prompted. 

    What's the purpose of the passphrase? Do I need one?

  * I copied the contents of A:~/.ssh/identity.pub into
    B:~/.ssh/authorized_keys. 
  
The first time I ran 'ssh B' on host A I got the following:

  The authenticity of host 'B' can't be established.
  RSA key fingerprint is xx:xx:xx:....
  Are you sure you want to continue connecting (yes/no)? yes
  Warning: Permanently added 'B' (RSA) to the list of known hosts.
  Enter passphrase for RSA key 'tayers@A.foo.net': 

and then I was logged into B. Is the "The authenticity of host 'B'"
message of any concern? Does it always say that when you connect to a
machine for the first time? Is there another step I should do to avoid
this warning?

Then I disconnect from B and connect again: 'ssh B'. It works without
the "authenticity" warning, but it prompts for the passphrase
again. Blech. ;-p Is there a way to set this up so I don't have to
type the passphrase in all the time? Having to type the passphrase
makes doing 'ssh B <command>' from a script kind of troublesome.

Thanks a lot for your help and
Hope you have a very nice day, :-)
Tim Ayers (tayers@bridge.com)




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?m3itpaum2o.fsf>