From owner-freebsd-questions Mon Nov 27 17:58:20 2000 Delivered-To: freebsd-questions@freebsd.org Received: from guru.mired.org (okc-65-26-235-186.mmcable.com [65.26.235.186]) by hub.freebsd.org (Postfix) with SMTP id 6CF9F37B4C5 for ; Mon, 27 Nov 2000 17:58:17 -0800 (PST) Received: (qmail 35048 invoked by uid 100); 28 Nov 2000 01:58:16 -0000 From: Mike Meyer MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <14883.4408.235484.60031@guru.mired.org> Date: Mon, 27 Nov 2000 19:58:16 -0600 (CST) To: tayers@bridge.com Cc: questions@freebsd.org Subject: Re: Help Understanding SSH In-Reply-To: <52357945@toto.iv> X-Mailer: VM 6.75 under 21.1 (patch 10) "Capitol Reef" XEmacs Lucid X-face: "5Mnwy%?j>IIV\)A=):rjWL~NB2aH[}Yq8Z=u~vJ`"(,&SiLvbbz2W`;h9L,Yg`+vb1>RG% *h+%X^n0EZd>TM8_IB;a8F?(Fb"lw'IgCoyM.[Lg#r\ X-Message: You should get a better mailer. Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Well, I was hoping someone who had more experience with ssh would get to this one, but it hasn't happened. Take the following with more salt than usual. tayers@bridge.com types: > The first time I ran 'ssh B' on host A I got the following: > The authenticity of host 'B' can't be established. > RSA key fingerprint is xx:xx:xx:.... > Are you sure you want to continue connecting (yes/no)? yes > Warning: Permanently added 'B' (RSA) to the list of known hosts. > Enter passphrase for RSA key 'tayers@A.foo.net': This is normal the first time you connect to a host. SSH keeps an IP/host key mapping around. The first time you connect, it doesn't have that, and wants you to know that it's trusting the remote host to be who it claims to be. > Then I disconnect from B and connect again: 'ssh B'. It works without > the "authenticity" warning, but it prompts for the passphrase > again. Blech. ;-p Is there a way to set this up so I don't have to > type the passphrase in all the time? Having to type the passphrase > makes doing 'ssh B ' from a script kind of troublesome. I haven't fooled with passphrases. You may need to set things up without one. However, according to the ssh-keygen man page, you need to copy the .ssh/identity.pub key into .ssh/authorized_keys on the remote machine. I'd try that first.