Re: Passwordless ssh, "once and for all"...

From: Bobby Patel <anup_patel(at)rogers.com>
Date: Thu Dec 12 2002 - 21:29:43 EST

Steps:
0. "rm -r .ssh" directories on Machine Master and Machine 1 1. Create keys "ssh-keygen -t rsa" on Machine Master (accept defaults, and don't enter passphrase)
2. Create keys "ssh-keygen -t rsa" on Machine 1 (the lazy way to create .ssh directory)
3a. copy id_rsa.pub to authorized_keys2 (if authorized_keys2 doesn't exist create it ) file on Machine 1.
3b. open up authorized_keys2 file in pico and make sure the public key is all one line long

4. chmod 600 (or try 644) authorized_keys2 file.
5. ssh in "ssh machine1@123.123.123.123"
6. accept RSA fingerprint of machine 1, ---this is what should go into

know_host(2) file

This should give Master----> Machine 1

Hints/Notes:
- make sure all folders leading up to .ssh directory is NOT World/other writable OR wolrd/other doesn;t have a sticky bit. - When creating keys for passwordless access, create keys with no passphrase (just press enter)
- that being said, IF the above doesn't work, try creating keys with passphrase and try ssh'ing into Machine 1 and hopefully that give passphrase prompt
- Once you get passphrase prompts create empty passprahse keys and try the above sreps again.
- If that still doesn't work create an authorized_keys file (instead of "authorized_keys2") (chmod 600 or 644 again)

I hope this helps

• Original Message ----- From: "Mike Sowka" <msowka@doe.carleton.ca> To: <secureshell@securityfocus.com> Sent: Wednesday, December 11, 2002 4:49 PM Subject: Passwordless ssh, "once and for all"...

> Hello,
Received on Fri Dec 13 13:08:26 2002