> >>> Pollywog <[EMAIL PROTECTED]> 08/14/08 9:32 AM >>> > On Thursday 14 August 2008 15:29:27 Gavin Spomer wrote: > > >>> Lyndon Nerenberg <[EMAIL PROTECTED]> 08/13/08 7:10 PM >>> > > > > > > You need to start an ssh-agent on the machine you're connecting from and > > > populate it with your keychain: > > > > > > eval `ssh-agent` > > > ssh-add > > > > > > Add the above to your .profile, or check the Linux PAM implementation to > > > see if it has ssh session support. > > > > > > --lyndon > > > > Thanks. > > > > That made it possible for me to ssh from SuSE server to FreeBSD server, but > > now when I ssh from my Mac to SuSE server it wants a password now: > > > > Enter passphrase for /home/myusername/.ssh/id_rsa: > > > > I read the FreeBSD handbook section "14.11.7 ssh-agent and ssh-add" and > > don't have anything much more intelligent to say but "I don't understand". > > ;) > > > > Questions: > > > > 1. If the ssh-agent and ssh-add utilities load the keys into memory, > > they'd be wiped if I rebooted? > > Yes, rebooting will take the keys out of memory and you would need to > use 'ssh-add' on the command line to put the keys and passphrase in memory. > The 'ssh-add -D' command removes the keys when you are done but are not > logging out. > > > > > 2. Is #1 why I'd add it to my ~/.profile? > > This is so that ssh-agent is set when you login at a console. I don't know > about Mac but some Linux distributions have session scripts so that this is > done for you when you start a KDE session. I don't believe ~/.profile will > be read unless you login at a console or xterm or similar. > > When you add stuff to your ~/.profile, I recommend doing it on a separate > account first. I once added those lines on a Linux system and was locked out > on that account but I was able to get in with another account, su to root, > and remove the lines in the affected user ~/.profile and then I was no longer > locked out. > > > > 3. How am I able to ssh (without a password) from my Mac to SuSE server > > or Mac to FreeBSD server when I don't have "eval `ssh-agent`" and "ssh-add" > > in my .profile on my Mac? > > You can do 'ssh-agent bash' followed by 'ssh-add' but this will not work > until > you have generated your SSH keys with: > > ssh-keygen -t rsa -b 1024 > or > ssh-keygen -t dsa -b 1024 > > or similar. Until you do that, you have to use your login password and > cannot > use a passphrase since you have not set one. Setting the passphrase is part > of the process of generating your SSH keys. > > BTW I do not know if you are using the "keychain" utility. Be very careful > with it. It can be confusing. I found it inconvenient to use and no longer > use it. > > There are some fine SSH tutorials online, I believe "OnLamp" has some. Just > make sure they are not more than about 3 yrs old.
All good information. Thanks. I will save this for future reference. :) _______________________________________________ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"