On Sat, May 08, 1999 at 07:13:15PM -0400, Cimarron Ryan <[EMAIL PROTECTED]> 
wrote:
> Uhhhh...  that sounds like a very, very bad idea to me.  That'll let anyone
> read my .ssh/identity, which is bad.  Quoting from man ssh:
> 
>        $HOME/.ssh/identity
>               Contains the RSA authentication identity of the user.  This
>               file contains sensitive data and should be readable by the
>               user but not accessible by others.
> 
> The permissions on /root are 777, on /root/.ssh are 755, and on each of the
> files in /root/.ssh are 600, all of which I believe matches the
> recommendations in ssh(1).
> 
> Besides, doing a "chmod -R 755 *" would mark _all_ the files in /root as
> executable, which is wrong.


        Yeah.. whatever.. I figured you had no clue about permissions
and just gave an easy one to you ;)

        As far as reading identity file -- you do have it passphrase
protected, right?


> As for which is better...  That may be a matter of preference, but here's
> why I'd prefer to use ssh:  Don't have to type a long, complicated password
> every time, automatically sets a nice DISPLAY env variable for me, totally
> secure.  More functionality + easier + secure = better in my book.

        Actually, if you don't want to type a long password every time, just:
% ssh-agent startx

        and then in the xterm window do:
% ssh-add

        ...and then you're all set ;)

[ man ssh-keygen ssh-agent ssh-add ]


-- Yan


> -----Original Message-----
> From: Jan B. Koum [mailto:[EMAIL PROTECTED]]
> Sent: Saturday, May 08, 1999 18:56
> To: Cimarron Ryan; [EMAIL PROTECTED]
> Subject: Re: ssh -l root
> 
> 
> 
>       That means that either /root or /root/.ssh directories have odd
> file permissions. Either they are non-readable or world readable or
> something. Do as root:  "chmod -R 755 /root"
>       And see if that helps (that will make /root and everything below
> that directory including .ssh mode 755)
> 
>       Actually, IMHO it might be best to ssh in as user and then su(1) ;)
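
An added example, not part of the original thread: a shell check of the modes discussed above. It assumes the rule sshd's StrictModes option applies (home directory and .ssh not writable by group or others) and the man page text quoted above (identity not accessible by others); the function names and the default key name `identity` are illustrative.

```shell
#!/bin/sh
# Added example: audit modes on a home directory, its .ssh directory and the
# private key file. The rules are assumptions taken from the man page text
# quoted in the thread and from sshd's StrictModes behaviour.

# Print the octal permission bits of a path (GNU stat first, then BSD stat).
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Succeeds if the path is writable by group or others (mask 022).
group_or_world_writable() {
    [ $(( 0$(mode_of "$1") & 022 )) -ne 0 ]
}

# Succeeds if group or others have any access at all (mask 077).
accessible_by_others() {
    [ $(( 0$(mode_of "$1") & 077 )) -ne 0 ]
}

# audit_ssh_perms HOME_DIR [KEY_NAME]: prints findings, returns their count.
audit_ssh_perms() {
    home=$1; key=${2:-identity}; bad=0
    for d in "$home" "$home/.ssh"; do
        [ -d "$d" ] || continue
        if group_or_world_writable "$d"; then
            echo "FAIL $d mode $(mode_of "$d"): writable by group/others"
            bad=$((bad + 1))
        fi
    done
    k="$home/.ssh/$key"
    if [ -f "$k" ] && accessible_by_others "$k"; then
        echo "FAIL $k mode $(mode_of "$k"): private key accessible by others"
        bad=$((bad + 1))
    fi
    return "$bad"
}

# Run only when a directory is given on the command line.
[ "$#" -eq 0 ] || audit_ssh_perms "$@"
```

A recursive 755 leaves the directories passing but makes the key file fail the 077 check, while a 777 home directory fails the 022 check even when every file under .ssh is 600.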
