Re: (SOLVED): OpenSSH: How to do RhostsRSAAuthentication?
On 20 Apr 2001 15:22:25 +0200, Mario Vukelic wrote:
NOTE: For the case that other people have problems too (and for the
archive), I'll annotate my original config with info on how it works
> please help before I tear my hair out. I'm trying to get
> RhostsRSAAuthentication to work.
> [...]
> I've generated the host keys with
> root@ONE:/etc/ssh# ssh-keygen -t dsa -f ssh_host_dsa_key (with empty
> passphrase)
RhostRSAAuthentication seems to work only with protocol 1. Therefore
everything must be set up for Protocol 1:
root@ONE:/etc/ssh# ssh-keygen -f ssh_host_key
> Then I prepared
> /etc/ssh/ssh_known_hosts2
ssh_known_hosts
> I've also generated user keys and distributed them
> user@TWO:~/.ssh$ ssh-keygen -t dsa
ssh-keygen -f id_rsa1
> (now send ~/.ssh/id_dsa.pub to user@ONE)
> user@ONE:~$ mv id_dsa.pub .ssh/authorized_keys2
> (and vice versa)
.ssh/authorized_keys
> This is my config:
> root@ONE:/etc/ssh# cat sshd_config
> (excerpt)
> Protocol 2,1
1,2
> HostKey /etc/ssh/ssh_host_dsa_key
ssh_host_key
> IgnoreRhosts yes
> IgnoreUserKnownHosts yes
> RhostsAuthentication no
> RhostsRSAAuthentication yes
> RSAAuthentication yes
> PasswordAuthentication yes
>
> root@TWO:/etc/ssh# cat ssh_config
> (excerpt)
> Host ONE
> RhostsAuthentication no
> RhostsRSAAuthentication yes
> RSAAuthentication yes
> PasswordAuthentication yes
> FallBackToRsh no
> UseRsh no
> IdentityFile ~/.ssh/id_dsa
~/.ssh/id_rsa1
> Protocol 2,1
1,2
>
> root@ONE:/etc# cat hosts.equiv
> +TWO
> root@ONE:/etc# ls -l hosts.equiv
> -rw-r--r-- 1 root root 13 Apr 20 12:17 ../hosts.equiv
OK
>
> root@TWO:/etc# cat hosts.equiv
> +ONE
> root@TWO:/etc# ls -l hosts.equiv
> -rw-r--r-- 1 root root 13 Apr 20 12:18 ../hosts.equiv
OK
--
I did not vote for the Austrian government
Reply to: