Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 4 Sep 2001 13:34:49 +0300
From:      Odhiambo Washington <wash@wananchi.com>
To:        FBSD-Q <freebsd-questions@FreeBSD.ORG>
Subject:   Re: SSH and connection automation
Message-ID:  <20010904133449.H30499@ns2.wananchi.com>
In-Reply-To: <20010903130118.D4A5C59D8@mark9.vladsempire.net>
References:  <20010903171657.A31458@ns2.wananchi.com> <20010903130118.D4A5C59D8@mark9.vladsempire.net>

next in thread | previous in thread | raw e-mail | index | archive | help

--5p8PegU4iirBW1oA
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

* Josh Paetzel <jpaetzel@hutchtel.net> [20010903 21:07]: writing on the sub=
ject 'Re: SSH and connection automation'
| On Monday 03 September 2001 09:16 am, Odhiambo Washington wrote:
| > I was today trying to be able to execute commands on a remote machine
| > without supplying a passwd using ssh. Sadly, even just login still prom=
pts
| > me for a passwd.
| >
| > Here is what I did:
| >
| > 1. Generate the key pair ($HOME/.ssh/identity.pub and identity)
| > 2. Exported identity.pub to 3 hosts which I usually connect to
| >    I copied (not renamed) the identity.pub to authorized_keys
| >
| >
| > From ssh manpage
| > "
| > ssh implements the RSA authentication protocol automatically.  The user
| > creates his/her RSA key pair by running ssh-keygen(1).  This stores
| > the private key in $HOME/.ssh/identity and the public key in
| > $HOME/.ssh/identity.pub in the user's home directory.  The user
| > should then copy the identity.pub to $HOME/.ssh/authorized_keys in his/=
her
| > home directory on the remote machine (the authorized_keys file correspo=
nds
| > to the conventional $HOME/.rhosts file, and has one key per line, though
| > the lines can be very long).  After this, the user can log in without
| > giving the password.  RSA authentication is much more secure than rhosts
| > authentication.
| > "
| >
| > What am I missing?
| >
| > I was thinking in the same lines as rlogin. My username is the same in
| > all these machines.
| >
|=20
| You probably have a permissions problem.  IIRC the .ssh dir needs to be 7=
00,=20
| and the identity pub needs to be 600.
|=20

If the man page for sshd isn't out of date then it's my dumbness.
I am looking at the section that specifies the format of the file
$HOME/.ssh/authorized_keys and don't understand where some items are
coming from. Yes, I've copied the identity.pub to authorized_keys and now
I want to edit authorized_keys but some examples on that man page have
left me stumped!


Examples
 1024 33 12121...312314325 ylo@foo.bar
 from=3D"*.niksula.hut.fi,!pc.niksula.hut.fi" 1024 35 23...2334 ylo@niksula
 command=3D"dump /home",no-pty,no-port-forwarding 1024 33 23...2323 backup.=
hut.fi


Where are those derived from???
I have generated a key using 1024 (default) and 2048 but they both don't
have  that second bit (aka encryption exponent)

1024 -> no of bits
33   -> encryption exponent # Where is that from or how do I know mine???

And there is also mentioned a modulus - I don't see that in my keys...

Isn't the man page outdated???


-Wash

--
Odhiambo Washington
Wananchi Online Ltd.,
wash@wananchi.com 1st Flr Loita Hse.
Tel: 254 2 313985 Loita Street.,
Fax: 254 2 313922 PO Box 10286,00100-NAIROBI,KE.

Everyone has a talent. What is rare is the courage to nurture it in solitud=
e=20
and to follow the talent to the dark places where it leads.=20
-Erica Jong, "The Craft of Poetry"=20

--5p8PegU4iirBW1oA
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE7lK5In7LIsuxjem8RAiL+AJwKcnM+Tvzac3WZHZgjJZivgZ5TPgCgq6eN
lqjD5vh9kxLQ/7thlsTtYb8=
=k3Fy
-----END PGP SIGNATURE-----

--5p8PegU4iirBW1oA--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010904133449.H30499>