From owner-freebsd-questions Tue Jan 21 16: 9:42 2003 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8FC1537B401 for ; Tue, 21 Jan 2003 16:09:40 -0800 (PST) Received: from maul.immure.com (ns.immure.com [207.8.42.72]) by mx1.FreeBSD.org (Postfix) with ESMTP id C67EC43F13 for ; Tue, 21 Jan 2003 16:09:38 -0800 (PST) (envelope-from bob@immure.com) Received: (from root@localhost) by maul.immure.com (8.12.6/8.12.6) id h0M09cL6051231; Tue, 21 Jan 2003 18:09:38 -0600 (CST) (envelope-from bob@immure.com) Received: from luke.immure.com (luke.vieo.com [10.1.132.3]) by maul.immure.com (8.12.6/8.12.3) with ESMTP id h0M09bwe051176; Tue, 21 Jan 2003 18:09:37 -0600 (CST) (envelope-from bob@immure.com) Received: (from root@localhost) by luke.immure.com (8.12.6/8.12.3) id h0M09btG002954; Tue, 21 Jan 2003 18:09:37 -0600 (CST) (envelope-from bob@luke.immure.com) Received: from luke.immure.com (localhost [127.0.0.1]) by luke.immure.com (8.12.6/8.12.3) with ESMTP id h0M09bfv002929; Tue, 21 Jan 2003 18:09:37 -0600 (CST) (envelope-from bob@luke.immure.com) Received: (from bob@localhost) by luke.immure.com (8.12.6/8.12.6/Submit) id h0M09bt8002928; Tue, 21 Jan 2003 18:09:37 -0600 (CST) Date: Tue, 21 Jan 2003 18:09:37 -0600 From: Bob Willcox To: "Michael K. Smith" Cc: questions list Subject: Re: ssh with public keys and no prompts...I can't get it to work! Message-ID: <20030122000936.GE91874@luke.immure.com> Reply-To: Bob Willcox References: <20030121230003.GD91874@luke.immure.com> <5C19659C-2D9D-11D7-8983-003065CA9420@noanet.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <5C19659C-2D9D-11D7-8983-003065CA9420@noanet.net> User-Agent: Mutt/1.5.1i X-scanner: scanned by Inflex 1.0.12.3 on luke.immure.com X-scanner: scanned by Inflex 1.0.12.3 on maul.immure.com Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Tue, Jan 21, 2003 at 04:06:30PM -0800, Michael K. Smith wrote: > > On Tuesday, January 21, 2003, at 03:00 PM, Bob Willcox wrote: > > >On Tue, Jan 21, 2003 at 02:38:33PM -0800, Michael K. Smith wrote: > >> > >>Hello: > >> > >>Did you create your keys with no passwords, as in "ssh-keygen -t dsa" > >>then just hit return a couple of times instead of giving a password? > > > >No, I didn't try that yet...just did now and it works! Great! :-) What > >is the downside (if any) to not specifying a passphrase? > > Well, if someone got your private keys without a password, they could > use them to log in all over your network using just the scenario you > are using now. That's one reason to have rwx for the user only on the > .ssh directory. But, I think the likelihood of this is fairly small > (famous last words, I know). In this particular case that shouldn't be a real problem since these are simply test systems in a lab invironment and they will probably get reinstalled over within a few months anyway. :-) Bob > > Mike > > ------------------------------------------------------------------------ > -- > Michael K. Smith NoaNet > 206.219.7116 (work) 206.579.8360 (cell) > mksmith@noanet.net http://www.noanet.net -- Bob Willcox We seem to have forgotten the simple truth that bob@vieo.com reason is never perfect. Only non-sense attains Austin, TX perfection. -- Poul Henningsen [1894-1967] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message