From owner-freebsd-questions Mon Mar 13 19:51:11 2000 Delivered-To: freebsd-questions@freebsd.org Received: from gscamnlh01.wr.usgs.gov (gscamnlh01.wr.usgs.gov [130.118.4.115]) by hub.freebsd.org (Postfix) with ESMTP id 54F7737B511 for ; Mon, 13 Mar 2000 19:51:02 -0800 (PST) (envelope-from rsowders@usgs.gov) Subject: Re: HELP!!! using RSA w/o passwords? To: Sam Carleton Cc: freebsd-questions@FreeBSD.ORG X-Mailer: Lotus Notes Release 5.0.2b December 16, 1999 Message-ID: From: rsowders@usgs.gov Date: Mon, 13 Mar 2000 19:50:56 -0800 X-MIMETrack: Serialize by Router on gscamnlh01/SERVER/USGS/DOI(Release 5.0.2b |December 16, 1999) at 03/13/2000 07:51:06 PM MIME-Version: 1.0 Content-type: text/plain; charset=us-ascii Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Make sure your /usr/local/etc/sshd_config has " RSAAuthentication yes" and your ssh_config have "RSAAuthentication yes" Now run ssh-keygen but when it asks you for a pass phrase do not put anything in just hit the enter key. Transfer the identity.pub from each machine into the other machines authorized_keys file. Now passwords are not used at all and it relies on the identity.pub file and the authorized_keys file and the pass-phrase (of which there is none) everything else being satisfied it will let you in if you have the correct keys (identity.pub). Warning this is not very secure, in that if one machine/account is compromised every machine that allows RSA login from the compromised machine/account is also compromised. If you are willing to tolerate this, then the preceding explanation is for you. Sam Carleton om> cc: Sent by: Subject: HELP!!! using RSA w/o passwords? owner-freebsd-questions@F reeBSD.ORG 03/13/00 04:40 PM I have both ssh and ssh2 installed on all my machines. At present all that is needed to authenticate is the users password. I would like to use RSA authentication without needed a password, but I cannot figure out how to do it. I have NOT modified the /etc/ssh2/sshd2_config file. What I have tried is this: created a public/private key on both server/client for the user. Copied the public key from the client into ~/.ssh2/authorized and ~/.ssh2/authorized_keys on the server. When I try to ssh into the server, I am still prompted for the password. I do NOT want to be prompted for the password! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message