From owner-freebsd-questions Sun Nov 26 19:32:45 2000 Delivered-To: freebsd-questions@freebsd.org Received: from bcfw1d.bridge.com (bcfw1d.ext.bridge.com [167.76.159.31]) by hub.freebsd.org (Postfix) with ESMTP id 1268E37B479 for ; Sun, 26 Nov 2000 19:32:43 -0800 (PST) Received: (from uucp@localhost) by bcfw1d.bridge.com (8.10.2/8.10.2) id eAR3XZY07615 for ; Sun, 26 Nov 2000 21:33:35 -0600 (CST) Received: from unknown(167.76.56.34) by bcfw1d.bridge.com via smap (V5.5) id xma007588; Sun, 26 Nov 00 21:33:19 -0600 Received: from mnmailhost (mnmailhost.bridge.com [167.76.155.14]) by mail1srv.bridge.com (8.8.8/8.7.3) with SMTP id VAA11396 for ; Sun, 26 Nov 2000 21:32:20 -0600 (CST) Received: from tayerspc by mnmailhost (SMI-8.6/SMI-4.1) id WAA27661; Sun, 26 Nov 2000 22:32:17 -0500 From: tayers@bridge.com To: questions@FreeBSD.ORG Subject: Help Understanding SSH Date: 26 Nov 2000 21:32:15 -0600 Message-ID: Lines: 40 User-Agent: Gnus/5.0807 (Gnus v5.8.7) Emacs/20.7 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I have just installed two machines with FreeBSD 4.1.1. I'm trying to set up SSH for my account (not root). When I installed FreeBSD I set the security level to "medium" so I could telnet in while I figure things out. It appears that the sshd for the "medium" setting uses SSH1. Does the "high" security setting use SSH2? Should I care? So far I have done the following to allow ssh connections from host A to host B. * I ran 'ssh-keygen' on host A. I accepted the default file names. I entered a pass phrase when prompted. What's the purpose of the passphrase? Do I need one? * I copied the contents of A:~/.ssh/identity.pub into B:~/.ssh/authorized_keys. The first time I ran 'ssh B' on host A I got the following: The authenticity of host 'B' can't be established. RSA key fingerprint is xx:xx:xx:.... Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'B' (RSA) to the list of known hosts. Enter passphrase for RSA key 'tayers@A.foo.net': and then I was logged into B. Is the "The authenticity of host 'B'" message of any concern? Does it always say that when you connect to a machine for the first time? Is there another step I should do to avoid this warning? Then I disconnect from B and connect again: 'ssh B'. It works without the "authenticity" warning, but it prompts for the passphrase again. Blech. ;-p Is there a way to set this up so I don't have to type the passphrase in all the time? Having to type the passphrase makes doing 'ssh B ' from a script kind of troublesome. Thanks a lot for your help and Hope you have a very nice day, :-) Tim Ayers (tayers@bridge.com) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message