On Sat, May 15, 1999 at 11:06:37PM -0700, Paul Newhouse <[EMAIL PROTECTED]> wrote:
> Hi,
>
> I've been using passphrases for my ssh sesion for a while. I just
> recently decided to to use ssh in an automated environment and have
> tried to get the connection to authenticate by using the encrypted
> passphrases in authorized_keys. I get the following results:
>
> SSH Version 1.2.26 [i386--netbsd], protocol version 1.5.
> Compiled with RSAREF.
> pimin: Reading configuration data /home/sgivpn/.ssh/config
> pimin: Reading configuration data /etc/ssh_config
> pimin: ssh_connect: getuid 6666 geteuid 6666 anon 1
> pimin: Connecting to bigbox.wan.vpn [172.16.89.45] port 22.
> pimin: Connection established.
> pimin: Remote protocol version 1.5, remote software version 1.2.26
> pimin: Waiting for server public key.
> pimin: Received server public key (768 bits) and host key (1024 bits).
> pimin: Host 'bigbox.wan.vpn' is known and matches the host key.
> pimin: Initializing random; seed file /home/sgivpn/.ssh/random_seed
> pimin: Encryption type: idea
> pimin: Sent encrypted session key.
> pimin: Installing crc compensation attack detector.
> pimin: Received encrypted confirmation.
> pimin: No agent.
> pimin: Trying RSA authentication with key 'sgivpn@pimin'
> pimin: Received RSA challenge from server.
> pimin: Will not query passphrase for sgivpn@pimin in batch mode.
> Bad passphrase.
> pimin: Remote: Wrong response to RSA authentication challenge.
> Permission denied.
>
> I thought that generating keys on each of the two hosts and putting those
> keys in the other hosts "authorized_keys" files was the right thing to do?
>
>
> Host A Host B
>
> ssh-keygen <blah> ssh-keygen <blah> where <blah> is the passphrase
>
> authorized_keys <---- identity.pub put the results of the keygen from
> identity.pub ----> authorized_keys identity.pub into the other hosts
> "authorized_keys" file.
>
> Have I misunderstood how to do this? Can someone point me at what I might be
> doing incorrectly?
>
> Platform i386/NetBSD
> ssh 1.2.26
>
> TIA,
> Paul
>
For automated (cronjob, script, etc) ssh/scp you can't have a
passphrase. ;(
-- Yan
"My experience and some of my friends' experience is that Linux is quite
unreliable. Microsoft is really unreliable but Linux is worse. In a non-PC
environment, it just won't hold up. If you're using it on a single box,
that's one thing. But if you want to use Linux in firewalls, gateways,
embedded systems, and so on, it has a long way to go." - Ken Thompson
