Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 4 Sep 2001 10:58:32 +0300
From:      Odhiambo Washington <wash@wananchi.com>
To:        FBSD-Q <freebsd-questions@FreeBSD.ORG>
Cc:        jpaetzel@hutchtel.net, edwin@mavetju.org, jm.fandino@fadesa.es
Subject:   Re: SSH and connection automation
Message-ID:  <20010904105832.F30499@ns2.wananchi.com>
In-Reply-To: <20010903130118.D4A5C59D8@mark9.vladsempire.net>
References:  <20010903171657.A31458@ns2.wananchi.com> <20010903130118.D4A5C59D8@mark9.vladsempire.net>

next in thread | previous in thread | raw e-mail | index | archive | help

--ZmUaFz6apKcXQszQ
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

* Josh Paetzel <jpaetzel@hutchtel.net> [20010903 21:07]: writing on the sub=
ject 'Re: SSH and connection automation'
| On Monday 03 September 2001 09:16 am, Odhiambo Washington wrote:
| > I was today trying to be able to execute commands on a remote machine
| > without supplying a passwd using ssh. Sadly, even just login still prom=
pts
| > me for a passwd.
| >
| > Here is what I did:
| >
| > 1. Generate the key pair ($HOME/.ssh/identity.pub and identity)
| > 2. Exported identity.pub to 3 hosts which I usually connect to
| >    I copied (not renamed) the identity.pub to authorized_keys
| >
| >
| > From ssh manpage
| > "
| > ssh implements the RSA authentication protocol automatically.  The user
| > creates his/her RSA key pair by running ssh-keygen(1).  This stores
| > the private key in $HOME/.ssh/identity and the public key in
| > $HOME/.ssh/identity.pub in the user's home directory.  The user
| > should then copy the identity.pub to $HOME/.ssh/authorized_keys in his/=
her
| > home directory on the remote machine (the authorized_keys file correspo=
nds
| > to the conventional $HOME/.rhosts file, and has one key per line, though
| > the lines can be very long).  After this, the user can log in without
| > giving the password.  RSA authentication is much more secure than rhosts
| > authentication.
| > "
| >
| > What am I missing?
| >
| > I was thinking in the same lines as rlogin. My username is the same in
| > all these machines.
| >
|=20
| You probably have a permissions problem.  IIRC the .ssh dir needs to be 7=
00,=20
| and the identity pub needs to be 600.


I made changes to reflect these permissions, but

#
wash:~/.ssh$ ssh -v ns2
SSH Version OpenSSH_2.3.0 green@FreeBSD.org 20010321, protocol versions
1.5/2.0.
Compiled with SSL (0x0090601f).
debug: Reading configuration data /etc/ssh/ssh_config
debug: ssh_connect: getuid 1000 geteuid 1000 anon 1
debug: Connecting to ns2.wananchi.com [62.8.64.4] port 22.
debug: Connection established.
debug: Remote protocol version 1.99, remote software version OpenSSH_2.3.0
green
@FreeBSD.org 20010321
debug: match: OpenSSH_2.3.0 green@FreeBSD.org 20010321 pat
^OpenSSH[-_]2\.3
debug: Local version string SSH-1.5-OpenSSH_2.3.0 green@FreeBSD.org
20010321
debug: Waiting for server public key.
debug: Received server public key (768 bits) and host key (1024 bits).
debug: Host 'ns2' is known and matches the RSA host key.
debug: Encryption type: 3des
debug: Sent encrypted session key.
debug: Installing crc compensation attack detector.
debug: Received encrypted confirmation.
debug: Bad key file /home/wash/.ssh/identity.
debug: Doing password authentication.
wash@ns2's password:
#

Can someone tell me step by step what they did to achieve what I am trying
to achieve.

TIA

-Wash

--
Odhiambo Washington
Wananchi Online Ltd.,
wash@wananchi.com 1st Flr Loita Hse.
Tel: 254 2 313985 Loita Street.,
Fax: 254 2 313922 PO Box 10286,00100-NAIROBI,KE.

I am an agnostic; I do not pretend to know what many ignorant men are sure =
of.=20
-Clarence Darrow=20
(contributed by Chris Johnston)=20

--ZmUaFz6apKcXQszQ
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE7lImon7LIsuxjem8RAq6ZAJ9fosFzIGnMZW5B45l1vXfZ4rT+7QCeKbhD
YXuFpbi5aGRrFtCEyisUMGY=
=g1x8
-----END PGP SIGNATURE-----

--ZmUaFz6apKcXQszQ--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010904105832.F30499>