Re: OpenSSH: How to do RhostsRSAAuthentication?

[Mario Vukelic <mario.vukelic@chello.at>]

On 20 Apr 2001 14:02:05 -0600, John Galt wrote:

> On 20 Apr 2001, Mario Vukelic wrote:

> >I've generated the host keys with
> >root@ONE:/etc/ssh# ssh-keygen -t dsa -f ssh_host_dsa_key (with empty
> >passphrase)
> >(now send ONE's /etc/ssh/ssh_host_dsa_key.pub to root@TWO)
> >root@TWO:~# mv ssh_host_dsa_key.pub /etc/ssh/ssh_known_hosts2
> 
> AHA!  you're using known_hosts, use authorized_keys.  

Yeah, known_hosts, since I didn't want to type in a passphrase or -word,
ever. I wanted launchers on the panel that start remote apps without
asking questions


> >I've also generated user keys and distributed them
> >user@TWO:~/.ssh$ ssh-keygen -t dsa
> >(now send ~/.ssh/id_dsa.pub to user@ONE)
> >user@ONE:~$ mv id_dsa.pub .ssh/authorized_keys2
> 
> Why are you appending a 2 to all of these?  Are you trying to use ssh2
> authentication or somesuch?  There's no need to add a 2 to them, and it's
> probably breaking things.

Yes, it did break things in this case:o| The files with appended 2 are
those used for protocol 2 (ssh2), which doesn't support host based
authentication at all (or so it seems). Had I used protocol 1 in the
first place, everything would've gone smooth.

Thanks for caring,
M.

-- 

I did not vote for the Austrian government