Date: Tue, 4 Sep 2001 13:34:49 +0300 From: Odhiambo Washington <wash@wananchi.com> To: FBSD-Q <freebsd-questions@FreeBSD.ORG> Subject: Re: SSH and connection automation Message-ID: <20010904133449.H30499@ns2.wananchi.com> In-Reply-To: <20010903130118.D4A5C59D8@mark9.vladsempire.net> References: <20010903171657.A31458@ns2.wananchi.com> <20010903130118.D4A5C59D8@mark9.vladsempire.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--5p8PegU4iirBW1oA Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable * Josh Paetzel <jpaetzel@hutchtel.net> [20010903 21:07]: writing on the sub= ject 'Re: SSH and connection automation' | On Monday 03 September 2001 09:16 am, Odhiambo Washington wrote: | > I was today trying to be able to execute commands on a remote machine | > without supplying a passwd using ssh. Sadly, even just login still prom= pts | > me for a passwd. | > | > Here is what I did: | > | > 1. Generate the key pair ($HOME/.ssh/identity.pub and identity) | > 2. Exported identity.pub to 3 hosts which I usually connect to | > I copied (not renamed) the identity.pub to authorized_keys | > | > | > From ssh manpage | > " | > ssh implements the RSA authentication protocol automatically. The user | > creates his/her RSA key pair by running ssh-keygen(1). This stores | > the private key in $HOME/.ssh/identity and the public key in | > $HOME/.ssh/identity.pub in the user's home directory. The user | > should then copy the identity.pub to $HOME/.ssh/authorized_keys in his/= her | > home directory on the remote machine (the authorized_keys file correspo= nds | > to the conventional $HOME/.rhosts file, and has one key per line, though | > the lines can be very long). After this, the user can log in without | > giving the password. RSA authentication is much more secure than rhosts | > authentication. | > " | > | > What am I missing? | > | > I was thinking in the same lines as rlogin. My username is the same in | > all these machines. | > |=20 | You probably have a permissions problem. IIRC the .ssh dir needs to be 7= 00,=20 | and the identity pub needs to be 600. |=20 If the man page for sshd isn't out of date then it's my dumbness. I am looking at the section that specifies the format of the file $HOME/.ssh/authorized_keys and don't understand where some items are coming from. Yes, I've copied the identity.pub to authorized_keys and now I want to edit authorized_keys but some examples on that man page have left me stumped! Examples 1024 33 12121...312314325 ylo@foo.bar from=3D"*.niksula.hut.fi,!pc.niksula.hut.fi" 1024 35 23...2334 ylo@niksula command=3D"dump /home",no-pty,no-port-forwarding 1024 33 23...2323 backup.= hut.fi Where are those derived from??? I have generated a key using 1024 (default) and 2048 but they both don't have that second bit (aka encryption exponent) 1024 -> no of bits 33 -> encryption exponent # Where is that from or how do I know mine??? And there is also mentioned a modulus - I don't see that in my keys... Isn't the man page outdated??? -Wash -- Odhiambo Washington Wananchi Online Ltd., wash@wananchi.com 1st Flr Loita Hse. Tel: 254 2 313985 Loita Street., Fax: 254 2 313922 PO Box 10286,00100-NAIROBI,KE. Everyone has a talent. What is rare is the courage to nurture it in solitud= e=20 and to follow the talent to the dark places where it leads.=20 -Erica Jong, "The Craft of Poetry"=20 --5p8PegU4iirBW1oA Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7lK5In7LIsuxjem8RAiL+AJwKcnM+Tvzac3WZHZgjJZivgZ5TPgCgq6eN lqjD5vh9kxLQ/7thlsTtYb8= =k3Fy -----END PGP SIGNATURE----- --5p8PegU4iirBW1oA-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010904133449.H30499>