Re: ssh again..

2016-07-13 Thread Go Canes
On Tue, Jul 12, 2016 at 4:13 PM, Gordon Messmer wrote:
> On 07/12/2016 10:44 AM, Go Canes wrote:
>
>> No, they don't. Private keys belong on your closest system, on an
>> encrypted volume. Often, you will only need one.
>>
>> If the OP uses ssh to go

Re: ssh again..

2016-07-12 Thread cs
On 12Jul2016 17:32, bruce wrote: so on the box1 i have the priv key on box1 i have ssh-agent on box1 With your private key loaded. "ssh-add -l" will tell you if it is. on box1, in the config file, do i need to have box2 To easily connect, perhaps. To connect with

Re: ssh again..

2016-07-12 Thread Gordon Messmer
On 07/12/2016 02:32 PM, bruce wrote: so on the box1 i have the priv key on box1 i have ssh-agent on box1 on box1, in the config file, do i need to have box2 You *can* specify agent forwarding in the configuration file, but I have to disagree with users who recommended doing so. My

Re: ssh again..

2016-07-12 Thread bruce
hey... so on the box1 i have the priv key on box1 i have ssh-agent on box1 on box1, in the config file, do i need to have box2 on box2 I don't need to have the pub key from box1, but i do have to have what??? and then whatever I have on box2, gets replicated on the other boxes in the

Re: ssh again..

2016-07-12 Thread Gordon Messmer
On 07/12/2016 10:44 AM, Go Canes wrote: No, they don't. Private keys belong on your closest system, on an encrypted volume. Often, you will only need one. If the OP uses ssh to go from system1:user1 to system2:user2, and then wants to use ssh to go from system2:user2 to

Re: ssh again..

2016-07-12 Thread Tom Horsley
On Tue, 12 Jul 2016 13:44:26 -0400 Go Canes wrote:
> If the OP uses ssh to go from system1:user1 to system2:user2, and then
> wants to use ssh to go from system2:user2 to system3:user3, are you saying
> that only system1:user requires a public key, and that system2:user2 can
> ssh out without

Re: ssh again..

2016-07-12 Thread Go Canes
On Mon, Jul 11, 2016 at 5:23 PM, Gordon Messmer wrote:
> On 07/11/2016 12:27 PM, Go Canes wrote:
>
>> Each user on each system needs to have a private ssh key, and a public
>> ssh key.
>>
>
> No, they don't. Private keys belong on your closest system, on an
> encrypted

Re: ssh again..

2016-07-11 Thread Gordon Messmer
On 07/11/2016 12:27 PM, Go Canes wrote: Each user on each system needs to have a private ssh key, and a public ssh key. No, they don't. Private keys belong on your closest system, on an encrypted volume. Often, you will only need one. For maximum convenience (which equals less security),

Re: ssh again..

2016-07-11 Thread Go Canes
Others have touched on this, but I will attempt to summarize. Each user on each system needs to have a private ssh key, and a public ssh key. For maximum security, each key pair should be unique. This means you will need to copy all of the public keys to all of the other servers, and add

Re: ssh again..

2016-07-08 Thread Gordon Messmer
On 07/07/2016 08:59 PM, Niels Kobschätzki wrote: You would need now to copy also the private key to all the boxes into ~/.ssh of the user which you want to use (user1). SSH agent forwarding does allow you to connect from system to system, without copying your private key anywhere. Your

Re: ssh again..

2016-07-08 Thread Gordon Messmer
On 07/07/2016 06:07 PM, bruce wrote: What do I need to add to the local box, or to box1 / box2 to permit me to hop from box1 to box2 without having to add a key from/between box1 and box2? You need to install the public key on all five systems. if ssh forwarding is the soln, what has to be

Re: ssh again..

2016-07-08 Thread Markus Schönhaber
Bruce, Thu, 7 Jul 2016 21:07:38 -0400:
> Say I have 5 boxes on my network,
>
> box1
> box2
> box3
> box4
> box5
>
> Each box has a generic user - user1, with limited perms/access
>
> On my local box, i create a pub/private ssh key. I copy the pub key to each
> box..
>
> From my local box, I

Re: ssh again..

2016-07-07 Thread Niels Kobschätzki
bruce writes:
> Hey... (again)
>
>
> Still trying to get my mind around how to solve this. Someone mentioned ssh
> forwarding, but I've not gotten it to work.
>
>
> Say I have 5 boxes on my network,
>
> box1
> box2
> box3
> box4
> box5
>
> Each box has a generic user - user1, with limited

Re: ssh again..

2016-07-07 Thread Ranjan Maitra
i see: this is a fedora list, but have you tried posting to the centos ml? though, in my experience, there is less traffic there than here. regardless of where you post, you should provide detailed output, including using ssh -vvv. btw, can you log in with ssh? keygen is to get around typing a

Re: ssh again..

2016-07-07 Thread bruce
Hey Ranjan All boxes are running centos 6.5 the keys were created using key-gen on each box, i created a user testuser1 for testing/ease thanks
On Thu, Jul 7, 2016 at 10:35 PM, Ranjan Maitra < maitra.mbox.igno...@inbox.com> wrote:
> What are these boxes running? Also, how did you create

Re: ssh again..

2016-07-07 Thread Ranjan Maitra
What are these boxes running? Also, how did you create your ssh key(s)? Ranjan
On Thu, 7 Jul 2016 21:07:38 -0400 bruce wrote:
> Hey... (again)
>
>
> Still trying to get my mind around how to solve this. Someone mentioned ssh
> forwarding, but I've not gotten it to work.

ssh again..

2016-07-07 Thread bruce
Hey... (again) Still trying to get my mind around how to solve this. Someone mentioned ssh forwarding, but I've not gotten it to work. Say I have 5 boxes on my network, box1 box2 box3 box4 box5 Each box has a generic user - user1, with limited perms/access On my local box, i create a