Re: apt-get upgrade problems
Dave Sherohman <esper@visi.com> writes:
> I just did an apt-get upgrade (to frozen) for the first time in several
> months. Unlike most of the people who say things like that around here,
> everything is still (mostly) functional, but it has acquired a few
> unpleasant quirks...
>
> 1) I used to have SSH set up so that I could jump between the boxen on my
> LAN without having to reenter passwords. This no longer works. I had
> previously arranged it using /etc/ssh/shosts.equiv, which probably isn't the
> best way to do it anyhow. Although my primary interest is in not having to
> retype my password constantly, I would also like to find out how to do this
> the 'right' way.
I think the preferred method of accomplishing this is using the
ssh-agent. I believe on Debian, if you're using a login manager, wdm,
xdm, etc., the agent is started when you log in. Read the ssh-agent
man page for more info. The idea is to have the agent at the root of
your login session.
First make sure all the machines have the line
RSAAuthentication yes
in /etc/ssh/sshd_config. I believe this is the default setting.
Next you'll want to make sure you've generated your keys and given a
passphrase. Do this with ssh-keygen. You only have to do this once and
after that only when you want to change your passphrase.
After the keygen you'll have a file called ~/.ssh/identity.pub. Copy
the contents of that file and add it to the file on remote machines
called ~/.ssh/authorized_keys.
Now, when you log in you just add your passphrase to the cache that
the ssh-agent maintains via the ssh-add command. You'll be able log in
to remote machines, running sshd, without a password, or passphrase,
prompt.
It's not quite as easy as the method you used, but it's certainly more
secure.
[snip #2 and #3]
> Suggestions, anyone?
[sorry, no idea on #2 and #3]
Gary
Reply to: