Re: ssh keys from two behind-the-firewall boxes?

["Jean-Marc V. Liotier" <jim@jipo.com>]

On Sat, 2003-02-01 at 01:55, Matthew Daubenspeck wrote:
> On Fri, Jan 31, 2003 at 06:08:31PM -0600, will trillich wrote:
>
> > doing the ssh-keygen thing works like a charm; you copy your
> > private keys to the remote box and then just slap it into your
> > ~/.ssh/authorized_keys file and poof, no more passwords! so now
> > you can run ssh-driven scripts without having to worry about the
> > username/password interruption.
> 
> Does anyone have a FAQ on how to set this all up?

Below is what worked for me. I think that it may vary according to the
version of the SSH protocol that you want to use, but it works like that
on a stock Debian unstable.

# On the local host :
ssh-keygen -t dsa -f id_dsa
# When prompted for a password, just press 'enter'.
scp id_dsa.pub username@remote.host.net:~/

# On the remote host :
test -d ~/.ssh || mkdir ~/.ssh
chmod 700 ~/.ssh
cd ~/.ssh
touch authorized_keys2
cat ~/id_dsa.pub >> authorized_keys2
chmod 640 authorized_keys2
rm -f ~/id_dsa.pub

That's it, you are set with passwordless SSH. Taking advantage of
ssh-agent to avoid using passwordless keys would be the next
evolutionary step, but I'm not there yet and I am already very happy to
be able to script scp, rsync and unison sessions, and to be able to
login everywhere without repetitive keyboard entry.