Re: New ssh v2 and authentication
* Gary Hennigan (glhenni@sandia.gov) wrote:
> I'm a bit confused by the fact that OpenSSH now defaults to using
> version 2. How do I use ssh-agent as I have in the past to do
> password-less logins?
>
> In the past I'd do this once with my pass phrase:
>
> % ssh-keygen
> <blah,blah,blah>
>
> and copy the contents ~/.ssh/identity.pub to the remote machine
> ~/.ssh/authorized_keys.
>
> then when I log in to my machine, which runs my window manager via
> ssh-agent, I'd do
>
> % ssh-add
> <blah,blah,blah>
>
> and, viola, I could log in to the remote machine without entering my
> password or passphrase.
>
> How is the same thing accomplished in version 2? I know about
> generating id_[d|r]sa using "ssh-keygen -t" and that there is now a
> ~/.ssh/authorized_keys2 file but what goes into it to allow
> passwordless login via ssh-agent? I tried adding ~/.ssh/id_dsa.pub and
> ~/.ssh/id_rsa.pub to the remote machines ~/.ssh/authorized_keys2 but
> that didn't do the trick.
>
> Thanks,
> Gary
Gary,
I use the same setup. In my authorized_keys2 I only have my sshd
machine's public key (cut and paste from id_rsa.pub in its entirety).
Then I copied both id_rsa and id_rsa.pub to ~/.ssh on my remote machine.
It is maybe wrong to copy both, but my ssh-agent complains if I don't
have id_rsa.pub on the remote machine. Then it basically started
working. I have
Protocol 2,1
RSAAuthentication yes
in the sshd_config
This is all it took me to do to get RSA authentication working.
Alex.
-----------------------
Oleksandr Moskalenko
malex@purdue.edu
-----------------------
pub 1024D/6C5F196B 2001-08-17 /* http://www.tagancha.org/pgp */
Oleksandr V. Moskalenko (Alex) <malex@tagancha.org>
Fingerprint = EE63 C471 ADBA 5D80 ADFB 1054 DA28 6F32 6C5F 196B
----------------------------------------------------------------
Reply to: