>>> On Fri, Jul 20, 2007 at 10:00 AM, in message
<[EMAIL PROTECTED]>, RPN01 <[EMAIL PROTECTED]> wrote: 
> Could the two sides just trade keys with each other, allowing ssh access in
> either direction without specifying a password?

That's the theory, anyway.  Or, have one key pair for both endpoints and spread 
those around.  I don't recommend that, however.

> To do the "into any linux userid" part, you'd have to pass down a key for
> root to each of the linux boxes in question.

More than that, actually.  You'd need to put the superuser's public key into 
every user's .ssh/authorized_keys file, on every Linux box.  With a little 
scripting you could automate that fairly easily:
  1. Send the public key to the root user on each system.
  2. Have the root user create the .ssh directory for each user if it doesn't 
     already exist.
  3. Append the public key to the authorized_keys file in each of those 
     directories.

Make sure to exclude any accounts that shouldn't ever be logged on in the first 
place, and you should be ready to go.


Mark Post

----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
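
The steps described in the message above, as a script that root would run on one Linux guest once the public key has been copied there. This is an added example, not part of the original message; the UID cutoff MIN_UID, the nologin/false shell exclusion and the ROOT_PREFIX dry-run argument are assumptions.

```shell
#!/bin/sh
# Added example: append one admin public key to each login account's
# .ssh/authorized_keys. MIN_UID and the shell exclusions are assumptions.
MIN_UID=${MIN_UID:-1000}

# install_admin_key PASSWD_FILE PUBKEY_FILE [ROOT_PREFIX]
# ROOT_PREFIX (hypothetical, for dry runs) is prepended to each home directory.
# Prints the name of every account whose authorized_keys file was changed.
install_admin_key() {
    passwd_file=$1; pubkey=$(cat "$2") || return 1; prefix=${3:-}
    while IFS=: read -r user _ uid gid _ home shell; do
        # Exclude system accounts and accounts that should never be logged on.
        [ "$uid" -ge "$MIN_UID" ] 2>/dev/null || continue
        case $shell in */nologin|*/false|'') continue ;; esac
        [ -d "$prefix$home" ] || continue

        sshdir=$prefix$home/.ssh
        auth=$sshdir/authorized_keys
        # Skip symlinked paths: this runs as root inside user-writable directories.
        [ -L "$sshdir" ] || [ -L "$auth" ] && continue
        mkdir -p "$sshdir" && chmod 700 "$sshdir" || continue
        # Idempotent: append only if this exact key line is not already present.
        if ! grep -qxF -- "$pubkey" "$auth" 2>/dev/null; then
            printf '%s\n' "$pubkey" >> "$auth"
            echo "$user"
        fi
        chmod 600 "$auth"
        # sshd's StrictModes checks ownership, so hand the files to the account.
        if [ "$(id -u)" -eq 0 ]; then
            chown "$uid:$gid" "$sshdir" "$auth"
        fi
    done < "$passwd_file"
    return 0
}
```

On a real guest the call would be `install_admin_key /etc/passwd KEYFILE` with no third argument, where KEYFILE is wherever the public key was copied to.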
