On Thu, 3 Jun 1999, David Stern wrote:
>> How does one set up SSH properly without passwords?
>>
>> On my local private LAN, I've got SSH running, and I've copied my
>> identity.pub on the local machine to the authorized_keys file on
>> the other, as well as setting perms on authorized_keys to 600.
>>
>> Does one *REQUIRE* the .shosts file as well? If so, what is the
>> exact syntax of that file (pointers to non-cryptic,
>> and easy to read/understand documentation are fine).
>
>No need for .shosts file.
>
>Try this:
> Make a key on the machine that's going to be the client
> ssh-keygen
>
> Give it an empty passphrase
AHH! That is where I went wrong. I always assumed that a
passphrase was NEEDED. I am a fairly technical person, and
usually technical documentation is fine by me, however I wish to
heck that a lot of the GNU and other documentation authors out
there would write documentation clear enough that you could
figure these things out for yourself without having to understand
all of the underlying protocols, etc.. giving good examples of
usage, etc..
I guess in a free world one can't complain though. ;o)
> add the resultant ~/.ssh/identity.pub to the server machine's
> ~/.ssh/authorized_keys, and you should be able to log in without
> a prompt.
>
>If this DOESN'T work, check the following:
It worked. FINALLY! I have always given ssh a passphrase when
it asked. I wish it said "Enter (optional) passphrase"
instead...
>- access (allowhost) in /etc/sshd_config
>- does the pub key match teh authorized_hosts?
>- what does ssh -v (hostname) say
Not needed now, your first suggestion was the right one. ;o)
The only other question pertaining to ssh that I would like to
know is:
How do you log in without a password from a machine with a
dynamic IP address, to a machine with a static IP address? I've
done the same as above, but I still get prompted for password, or
passphrase. Is it impossible over dynamic IP?
--
Mike A. Harris Linux advocate GNU advocate
Computer Consultant Open Source advocate
Tea, Earl Grey, Hot...
