From owner-freebsd-questions Fri Apr 9 15:26:52 1999 Delivered-To: freebsd-questions@freebsd.org Received: from stennis.ca.sandia.gov (stennis.ca.sandia.gov [146.246.243.44]) by hub.freebsd.org (Postfix) with ESMTP id 22E0015BBE for ; Fri, 9 Apr 1999 15:23:43 -0700 (PDT) (envelope-from bmah@stennis.ca.sandia.gov) Received: (from bmah@localhost) by stennis.ca.sandia.gov (8.9.3/8.9.3) id PAA17514; Fri, 9 Apr 1999 15:21:30 -0700 (PDT) Message-Id: <199904092221.PAA17514@stennis.ca.sandia.gov> X-Mailer: exmh version 2.0.2 2/24/98 To: cjclark@home.com Cc: lowell@world.std.com (Lowell Gilbert), freebsd-questions@FreeBSD.ORG Subject: Re: Using ssh on Multiple Machines In-Reply-To: Your message of "Fri, 09 Apr 1999 12:15:52 EDT." <199904091615.MAA08195@cc942873-a.ewndsr1.nj.home.com> From: bmah@CA.Sandia.GOV (Bruce A. Mah) Reply-To: bmah@CA.Sandia.GOV X-Face: g~c`.{#4q0"(V*b#g[i~rXgm*w;:nMfz%_RZLma)UgGN&=j`5vXoU^@n5v4:OO)c["!w)nD/!!~e4Sj7LiT'6*wZ83454H""lb{CC%T37O!!'S$S&D}sem7I[A 2V%N&+ X-Url: http://www.ca.sandia.gov/~bmah/ Mime-Version: 1.0 Content-Type: multipart/signed; boundary="==_Exmh_2009433012P"; micalg=pgp-md5; protocol="application/pgp-signature" Content-Transfer-Encoding: 7bit Date: Fri, 09 Apr 1999 15:21:30 -0700 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG --==_Exmh_2009433012P Content-Type: text/plain; charset=us-ascii If memory serves me right, "Crist J. Clark" wrote: > > Just for the record, I think the the ssh man pages are *great.* Very > > clear, and still fairly concise given the huge amount of material they > > cover. > > > > The basic trick is that you create a .ssh/authorized_keys file > > containing the ssh keys you want to accept. > > Right, and this is where I find things confusing. From the ssh(1) > manpage, [snip] Crist, you stopped reading too soon. :-) Take another look at the rest of what Lowell wrote, as well as the manpages for ssh-agent and ssh-add. What you'll end up doing is running an instance of ssh-agent. You'll authenticate to it using ssh-add exactly ONE time (giving your passphrase). After that, you'll be able to ssh and scp to other machines that have an appropriate authorized_keys file without the need to type a passphrase again. The key points here (pun not intended) is that the ssh-agent process holds the authentication information once you've typed your passphrase, and that other ssh/scp processes that get started will query ssh-agent to get that authentication information when they make remote connections. I agree that the way you're using your RSA key and passphrase right now is cumbersome. That's the problem that ssh-agent is designed to solve. Good luck! Bruce. --==_Exmh_2009433012P Content-Type: application/pgp-signature -----BEGIN PGP MESSAGE----- Version: 2.6.2 iQCVAwUBNw59aajOOi0j7CY9AQEjhgP9FNwt6DHEgfqEZo/EAgR9xaiVRvEDt4XX Wc94H0MifMJ91eCXGSFetWjxqYeaqTpKV6uAFCBwNgkkKhBF1ILdDU+8xTYa/r8P H3tpXJ3EZgP4Up2VnlWlgnh8b5QW9FD4yyNKG8RF/BYFihBMeWqfEjOdJFsnJ4mQ VypCf5HSJO8= =wqxE -----END PGP MESSAGE----- --==_Exmh_2009433012P-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message