-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sun, 13 Jun 2004 15:03:11 +0200, Amir Spivak <[EMAIL PROTECTED]> wrote: > > i want to set up the SSH server on each WS so that ssh will ignore > totally the auth. files residing in the users ~/.ssh dir. > and will only authenticate using host-based authentication.
1. Make sure that your /etc/ssh/sshd_config has the following lines: HostbasedAuthentication yes IgnoreRhosts yes IgnoreUserKnownHosts yes 2. Put the names of the remote hosts in /etc/ssh/shosts.equiv (don't use /etc/hosts.equiv, that will allow rlogin and rsh without passwords). 3. Copy the public key (found in /etc/ssh/ssh_host_dsa_key.pub) with its host name of the remote hosts into /etc/ssh/ssh_known_hosts (See the sshd man page). Ehud. - -- Ehud Karni Tel: +972-3-7966-561 /"\ Mivtach - Simon Fax: +972-3-7966-667 \ / ASCII Ribbon Campaign Insurance agencies (USA) voice mail and X Against HTML Mail http://www.mvs.co.il FAX: 1-815-5509341 / \ GnuPG: 98EA398D <http://www.keyserver.net/> Better Safe Than Sorry -----BEGIN PGP SIGNATURE----- Comment: use http://www.keyserver.net/ to get my key (and others) iD8DBQFAzICBLFvTvpjqOY0RAoKWAJ9KgkVRxT59W7c5deNzC4UL6ywvOwCfbUjB hkmbhWKbXSNDTb6uwpF1VXU= =Y6FC -----END PGP SIGNATURE----- ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
