From owner-freebsd-questions  Mon Sep  3 15:44:35 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from ns1.hutchtel.net (ns1.hutchtel.net [206.9.112.100])
	by hub.freebsd.org (Postfix) with ESMTP id BC02637B407
	for <questions@freebsd.org>; Mon,  3 Sep 2001 15:44:31 -0700 (PDT)
Received: from there (hutch-467.hutchtel.net [209.105.45.195])
	by ns1.hutchtel.net (8.9.1/8.9.0) with SMTP id RAA03637;
	Mon, 3 Sep 2001 17:44:29 -0500 (CDT)
Message-Id: <200109032244.RAA03637@ns1.hutchtel.net>
Content-Type: text/plain;
  charset="iso-8859-1"
X-KMail-Redirect-From: Josh Paetzel <jpaetzel@hutchtel.net>
Subject: Re: SSH and connection automation
From: Josh Paetzel <jpaetzel@hutchtel.net>(by way of Josh Paetzel <jpaetzel@hutchtel.net>)
Date: Mon, 3 Sep 2001 05:40:27 -0500
To: questions@freebsd.org
Cc: wash@wananchi.com
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

On Monday 03 September 2001 09:16 am, Odhiambo Washington wrote:
> I was today trying to be able to execute commands on a remote machine
> without supplying a passwd using ssh. Sadly, even just login still prompts
> me for a passwd.
>
> Here is what I did:
>
> 1. Generate the key pair ($HOME/.ssh/identity.pub and identity)
> 2. Exported identity.pub to 3 hosts which I usually connect to
>    I copied (not renamed) the identity.pub to authorized_keys
>
>
> From ssh manpage
> "
> ssh implements the RSA authentication protocol automatically.  The user
> creates his/her RSA key pair by running ssh-keygen(1).  This stores
> the private key in $HOME/.ssh/identity and the public key in
> $HOME/.ssh/identity.pub in the user's home directory.  The user
> should then copy the identity.pub to $HOME/.ssh/authorized_keys in his/her
> home directory on the remote machine (the authorized_keys file corresponds
> to the conventional $HOME/.rhosts file, and has one key per line, though
> the lines can be very long).  After this, the user can log in without
> giving the password.  RSA authentication is much more secure than rhosts
> authentication.
> "
>
> What am I missing?
>
> I was thinking in the same lines as rlogin. My username is the same in
> all these machines.

You probably have a permissions problem.  IIRC the .ssh dir needs to be 700,
and the identity pub needs to be 600.

Josh

> TIA
>
>
> -Wash

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message