most recent distributions of ssh just use 'authorized_keys'. It wouldn't hurt having both, but then you won't know which is required :-). I guess, 'man ssh' will tell you there right answer. But who reads docs. (Ubuntu 14.4 no longer mentions authorized_keys2) Dont forget permissions for the .ssh directory (700) steve Keith Lofstrom wrote: > Question? > > Without getting into incompetence, impersonation, > man-in-the-middle, drugs and pipe wrenches ... > > I have a friend in another state who I want to give ssh access > to on one of my machines. If I understand ssh key exchange, > > 1) he makes a private/public key pair for openssh > 1a) using a recent Linux, of course > 2) he sends me the public key over the unencrypted internet > 3) I put it in the .ssh/authorized_keys2 in his user directory > > ... and we are probably good to go, yes? Not perfect security, > but enough, I hope, to irritate a typical national spy agency. > > If necessary, we can escalate the complexity of the transfer, > (key encoded in carrier pigeon DNA - sequence DNA, eat bird) > but complication is insecure in its own way. > > Keith >
_______________________________________________ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug