If SSH still denies passwordless... RE: [wplug] sshd config -- no password?

Patryk Laurent patryk at pakl.net
Tue Mar 30 13:24:09 EST 2004


If the passwordless ssh still doesn't work after the fine instructions you
received, you might need to do this too (I had to):


"The SSH server is paranoid, and will refuse to honour your
authorized_keys settings if they have poor file permissions, so you
should lock down your files and directories:

  username at server$ cd $HOME
  username at server$ chmod go-w .

  username at server$ cd $HOME/.ssh
  username at server$ chmod 700 .
  username at server$ chmod 600 *
"

Patryk



On Tue, 30 Mar 2004, Ryan Frenz wrote:

> Date: Tue, 30 Mar 2004 13:19:21 -0500 (EST)
> From: Ryan Frenz <rfrenz at andrew.cmu.edu>
> Reply-To: General user list <wplug at wplug.org>
> To: General user list <wplug at wplug.org>
> Subject: RE: [wplug] sshd config -- no password?
> 
> Thanks a bunch, that's exactly what I needed.
> 
> Ryan
> 
> On Tue, 30 Mar 2004, Embery, Nathan wrote:
> 
> > Here's the notes I jotted down the last time I did this on FreeBSD and
> > Solaris
> > They may not be exact, but close enough to get you started.
> > Nate
> >
> > Log into your freebsd box
> > run #ssh-keygen -t dsa
> >
> > This will create your id_dsa and id_dsa.pub files in ~/.ssh/
> >
> > Now copy your id_dsa.pub to the target machine
> >
> > scp ~/.ssh/id_dsa.pub ip_or_hostname:/home/nate/xfilename
> >
> > then log in to that box
> >
> > ssh ip_or_hostname
> >
> > enter your password for the last time ;-)
> >
> > copy the source machines public key into your authorized_keys2 file (you may
> > need to touch it)
> >
> > touch ~/.ssh/authorized_keys2
> > cat xfilename >> authorized_keys2
> >
> > exit your shell, returning to the source machine
> >
> > test with ssh nate at ip_or_hostname
> >
> > repeat this process using the target machine as the source machine
> >
> >
> > -----Original Message-----
> > From: Ryan Frenz [mailto:rfrenz at andrew.cmu.edu]
> > Sent: Tuesday, March 30, 2004 1:06 PM
> > To: wplug at wplug.org
> > Subject: [wplug] sshd config -- no password?
> >
> >
> > I'm looking for a way to allow ssh connections from certain machines
> > without requiring passwords.  I have a script that connects to my machine
> > and checks if a certain process is running.  I want this to occur
> > automatically, without having to enter a pwd each time it connects.  Is
> > there a way I can specify to sshd a list of hosts that don't have to
> > authenticate (while still requiring others to)?  I'm guessing this has to
> > do with specifying host keys to sshd_config -- but I don't even know where
> > to start.
> >
> > Thanks,
> >
> > Ryan
> > _______________________________________________
> > wplug mailing list
> > wplug at wplug.org
> > http://www.wplug.org/mailman/listinfo/wplug
> > _______________________________________________
> > wplug mailing list
> > wplug at wplug.org
> > http://www.wplug.org/mailman/listinfo/wplug
> >
> >
> _______________________________________________
> wplug mailing list
> wplug at wplug.org
> http://www.wplug.org/mailman/listinfo/wplug
> 




More information about the wplug mailing list