On Tue, Nov 20, 2001 at 12:27:53PM -0600, Brooks R. Robinson wrote: > Greetings, > I am trying to set up the secvpn package between two boxes (one potato, one > woody). I have the secvpn.conf figured out, no problem. My problem is a > little more basic. I can't get ssh to connect without a password. On both > boxes, I did a 'ssh-keygen' which created my '.ssh/identity' and > '.ssh/indentity.pub'. I swapped the '.ssh/indentity.pub' to > '.ssh/authorized_keys' to each machine. This is the right set of files to swap for ssh v1 or 1.5 > I try to connect and I am still asked a password. I've tried it with both > empty passphrases and obnoxious passphrases, and I get the same result > (password not passphrase). I've muddled thorough the man pages for ssh and > the vpn-howto, but I seem to be missing the final bit that makes it work. > Is my problem that I am using a mix potato and woody, or am I just missing > some configuration. Potato and woody install different versions of ssh by default. Potato installs a version of ssh (1.2.3-9.3) that defaults to using protocol v1.5 (I don't remember if it supports 2). Woody installs a version of ssh (2.5.2p2-3) that defaults to protocol v2, and it does support v1.5. If you're connecting from the potato box to the woody box, it should work with the identity and authorized_keys. Connecting from the woody box to the potato box, you need to run "ssh -1" in order to force it to use protocol v1.5. The other solution is to force both to use protocol v2, but then you need different key files. They're no longer identity, identity.pub, and authorized_keys, but I havn't learned yet what they are. I should probably do that soon... -ben -- Ben Hartshorne ...Discarding smoothly, as we disembark, email@example.com All thoughts that held us wiser for a moment ben.hartshorne.net Up there, alone, in the impartial dark. -M. Oliver My PGP key is at /pgp.txt. Please encrypt all communications.
Description: PGP signature