
Re: ssh keys from two behind-the-firewall boxes?



On Fri, Jan 31, 2003 at 05:39:22PM -0800, nate wrote:
> SSH v2 is not *too* much different. though it's been a while
> since I tried it with DSA authentication, last time I tried it,
> it was a real bitch to get working (this was about a year ago)

erm, iirc it's the same thing, only if you're using an older
version of sshd you need to put the public key in ~/.ssh/authorized_keys2
instead.  here's a really simple example:

oil[~]20:58:57$ ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/finney/.ssh/id_dsa):
Created directory '/home/finney/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/finney/.ssh/id_dsa.
Your public key has been saved in /home/finney/.ssh/id_dsa.pub.
The key fingerprint is:
e1:a2:6a:bc:e3:c9:b8:19:57:bc:a7:6c:b6:82:87:ac finney@oil.cs.swarthmore.edu
oil[~]20:59:34$ cat .ssh/id_dsa.pub >> .ssh/authorized_keys2
oil[~]21:00:18$ ssh oil      # <== look ma, no passwd!
Kickstart-installed Red Hat Linux Thu Jan 16 10:36:39 EST 2003
# ^===(disclaimer: not my machine) :)
oil[~]21:00:26$ logout
Connection to oil closed.
oil[~]21:00:27$ 


however, the above example uses a passphraseless key, which isn't the
best wrt security (same goes if you're using sshv1 rsa keys too).  what's
better is to use ssh-agent and a passphrase on your key.


	sean
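
Added example, not part of the original message: a Python check that flags passphraseless private keys like the one the session above creates, by reading the key file's own headers instead of trying passphrases. The function names and the sample key texts are constructed for illustration; the sample bodies are placeholders, not usable keys.

```python
import base64, os, struct

MAGIC = b"openssh-key-v1\x00"  # start of the decoded new-format OpenSSH key blob

def key_protection(text):
    """Classify a private key file's text: 'encrypted', 'unencrypted' or 'unknown'."""
    lines = [l.strip() for l in text.strip().splitlines()]
    if len(lines) < 2 or not lines[0].startswith("-----BEGIN "):
        return "unknown"
    label = lines[0][len("-----BEGIN "):].rstrip("-").strip()
    body = lines[1:-1]
    if label == "OPENSSH PRIVATE KEY":
        try:
            blob = base64.b64decode("".join(body))
            if not blob.startswith(MAGIC):
                return "unknown"
            # First field after the magic: cipher name (uint32 length + bytes).
            (n,) = struct.unpack_from(">I", blob, len(MAGIC))
            cipher = blob[len(MAGIC) + 4:len(MAGIC) + 4 + n]
        except (ValueError, struct.error):
            return "unknown"
        if len(cipher) != n:  # truncated blob
            return "unknown"
        return "unencrypted" if cipher == b"none" else "encrypted"
    if label in ("RSA PRIVATE KEY", "DSA PRIVATE KEY", "EC PRIVATE KEY"):
        # Legacy PEM (the id_dsa format of this era): a passphrase adds a
        # "Proc-Type: 4,ENCRYPTED" header before the base64 body.
        enc = any(l.startswith("Proc-Type:") and "ENCRYPTED" in l for l in body)
        return "encrypted" if enc else "unencrypted"
    return "unknown"

def audit_ssh_dir(path):
    """Return {filename: status} for every recognisable private key in path."""
    found = {}
    for name in sorted(os.listdir(path)):
        full = os.path.join(path, name)
        if os.path.isfile(full) and not name.endswith(".pub"):
            with open(full, errors="replace") as fh:
                status = key_protection(fh.read())
            if status != "unknown":
                found[name] = status
    return found

# Constructed samples: real header formats, placeholder bodies (not usable keys).
PLAIN_DSA = "-----BEGIN DSA PRIVATE KEY-----\nQ09OU1RSVUNURUQ=\n-----END DSA PRIVATE KEY-----\n"
ENC_DSA = PLAIN_DSA.replace("-----\n", "-----\nProc-Type: 4,ENCRYPTED\nDEK-Info: DES-EDE3-CBC,0000000000000000\n\n", 1)

def fake_openssh(cipher):
    blob = MAGIC + struct.pack(">I", len(cipher)) + cipher + b"\x00" * 8
    return "-----BEGIN OPENSSH PRIVATE KEY-----\n" + base64.b64encode(blob).decode() + "\n-----END OPENSSH PRIVATE KEY-----\n"
```

Calling audit_ssh_dir on a user's ~/.ssh directory lists which private keys would be usable by anyone who copies the file.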
