At 17:40 11/10/2004, you wrote:
I just went through this yesterday, and here is my recipe. On machine 1: 1. Create your public/private key (I used dsa): ssh-keygen -t dsa 2. Copy the contents of ~/.ssh/id_dsa.pub to machine 2 using ssh-copy-id: ssh-copy-id -i ~/.ssh/id_dsa.pub machine2ssh-copy-id copies the id_dsa.pub file located in your .ssh/ to machine2 usingssh. It sets up the authorized_key file and permissions appropriately. Once it is copied over, then you should be able to ssh into machine2 from machine1 without typing in a password. John
Woo! Many thanks for the pointer on that ssh-copy-id program, it sorted everything out perfectly - predictably, my permissions were utterly fubarred from what SSHD would consider a reasonably secure setup.
Only problem remaining is that I had to give my sync accounts password-based entries in order to get the keys to share. How do I disable their passworded logins and enable key-only auth for them (whilst retaining password based auth for other users)? Is it just a matter of deleting the entries in /etc/shadow? I've not googled for it yet, but if anyone has any quick 'n' dirty pointers I'd love to hear 'em!
Argh, just tried to do it from host2 to host1 and it's not wanting to work that way this time. Bah! More haXx0ring to ensue...