From owner-freebsd-questions Mon Nov 27 19: 0: 7 2000 Delivered-To: freebsd-questions@freebsd.org Received: from bcfw1d.bridge.com (bcfw1d.ext.bridge.com [167.76.159.31]) by hub.freebsd.org (Postfix) with ESMTP id 5F6C137B4D7 for ; Mon, 27 Nov 2000 19:00:02 -0800 (PST) Received: (from uucp@localhost) by bcfw1d.bridge.com (8.10.2/8.10.2) id eAS30w622641 for ; Mon, 27 Nov 2000 21:00:59 -0600 (CST) Received: from unknown(167.76.56.34) by bcfw1d.bridge.com via smap (V5.5) id xma022609; Mon, 27 Nov 00 21:00:49 -0600 Received: from mnmailhost (mnmailhost.bridge.com [167.76.155.14]) by mail1srv.bridge.com (8.8.8/8.7.3) with SMTP id UAA23968 for ; Mon, 27 Nov 2000 20:59:50 -0600 (CST) Received: from tayerspc by mnmailhost (SMI-8.6/SMI-4.1) id VAA16158; Mon, 27 Nov 2000 21:59:48 -0500 From: tayers@bridge.com To: questions@FreeBSD.ORG Subject: Re: Help Understanding SSH References: <20001128022232.8341A3E08@bazooka.unixfreak.org> In-Reply-To: dima@unixfreak.org's message of "Mon, 27 Nov 2000 18:22:32 -0800 (PST)" User-Agent: Gnus/5.0807 (Gnus v5.8.7) Emacs/20.7 Date: 27 Nov 2000 20:59:44 -0600 Message-ID: Lines: 37 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG >>>>> "D" == Dima Dorfman writes: D> Mike Meyer wrote: >> tayers@bridge.com types: >> > Then I disconnect from B and connect again: 'ssh B'. It works without >> > the "authenticity" warning, but it prompts for the passphrase >> > again. Blech. ;-p Is there a way to set this up so I don't have to >> > type the passphrase in all the time? Having to type the passphrase >> > makes doing 'ssh B ' from a script kind of troublesome. >> >> I haven't fooled with passphrases. You may need to set things up >> without one. However, according to the ssh-keygen man page, you need >> to copy the .ssh/identity.pub key into .ssh/authorized_keys on the >> remote machine. I'd try that first. D> This is to get the RSA key working in the first place (identity.pub -> D> authorized_keys is telling the server that they key can be used to D> connect to that user's account). What you're looking for is D> ssh-agent(1) and ssh-add(1). Thanks for the answers. stock@fishcracker.com and Dima suggested using ssh-agent, but I don't think that is useful in my case. I have UNIX servers that need to communicate with other servers. So I want server A to be able to run a command on server B. I did not make this clear in my original message. Mike's implication is what allows this to work without a prompt. If you create an SSH key without a passphrase it works like I want: without prompting for a passphrase. I'm still looking for the what/why of the passphrase. I assume it is additional security, but haven't seen that printed anywhere. Thanks and Hope you have a very nice day, :-) Tim Ayers (tayers@bridge.com) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message