Date: Sun, 17 Oct 2004 14:45:54 -0700 (PDT) From: Joe Schmoe <non_secure@yahoo.com> To: freebsd-questions@freebsd.org Subject: passwordless ssh logins _STILL_ not working - help needed. Message-ID: <20041017214554.30558.qmail@web53306.mail.yahoo.com>
next in thread | raw e-mail | index | archive | help
I am trying to allow _all users_ on CLIENT to login to SERVER without a password. IMPORTANT: I am not interested in user keys _at all_ - at no point in this process should I ever be dealing with any keys in /home/user/.ssh - I am only interested in doing this with HOST keys - where I copy one key between SERVER and CLIENT, and _all_ users on CLIENT can login to SERVER without a password. Don't even mention user keys. My /etc/sshd/sshd_config is exactly the same on both SERVER and CLIENT: #VersionAddendum FreeBSD-20020629 #Port 22 #Protocol 2,1 #ListenAddress 0.0.0.0 #ListenAddress :: # Authentication: IgnoreRhosts yes #RhostsRSAAuthentication no HostbasedAuthentication yes IgnoreUserKnownHosts yes ChallengeResponseAuthentication no Further, SERVER has CLIENT in its /etc/hosts.equiv, and CLIENT has SERVER in its /etc/hosts.equiv Finally, I have copied the output of /etc/sshd/ssh_host_rsa_key.pub on each system to /etc/ssh/known_hosts on the other system. The permissions on /etc/ssh/known_hosts on each system are: 2 -rw-r--r-- 1 root wheel So that's it. The options are set in sshd_config, the keys have been exchanged, hosts.equiv are populated and permissions are correct. SO now I go to CLIENT and run: ssh user@SERVER and I get a password prompt!!! So what am I doing wrong ? Again - NO user keys are used and I am not interested in user keys _AT ALL_. DOn't even mention the /home/user/.ssh directory. The goal here is to share one public key between SERVER and CLIENT and allow _all_ users on CLIENT to log into SERVER without a password. So what am I doing wrong ? thanks. _______________________________ Do you Yahoo!? Declare Yourself - Register online to vote today! http://vote.yahoo.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041017214554.30558.qmail>