
Re: ssh w/o password?



On Sat, Nov 20, 2004 at 11:20:55AM -0500, Marc Shapiro wrote:
> I have a two machine network at home and I want to replace ftp and 
> telnet with ssh for security reasons.  I am under the impression that it 
> is possible to set things up so that I do not have to login with my 
> password, but I have not been able to do so.
> 
> My user name is the same on both boxes.
> 
> I am connecting from a Sarge box, the host I am trying to connect to is 
> running Woody.
> 
> When I connect for the first time I get a message saying that the host 
> can not be authenticated, do I want to continue.  I say yes and I am 
> presented with a prompt for my password.  I enter the password and I am in.
> 
> On subsequent connections, I no longer get the warning (I now have a 
> .ssh/known_hosts file which contains the name, IP address and ssh-rsa 
> key for the other machine -- this is the ONLY file in the directory) but 
> I still need to supply my password.
> 
> It seems to me that I need to set up personal keys and this is what I am 
> lacking, but I have not determined how to do so.  The host keys were 
> created at setup, but I have no clue how to create personal keys.  How 
> do I create these keys?
That's exactly what's missing. Look at the manpage of ssh-keygen. You'll get
a public and a private key (e.g. id_rsa and id_rsa.pub if you choose to
generate an RSA key) - by default they are stored inside $HOME/.ssh/.
Then you take the public keyfile and copy its contents (should only be one line,
the key and a user@host-combination) to the user on the remote machine
where you want to log in, and append it to his $HOME/.ssh/authorized_keys
(you might need to create the file, if it doesn't exist already). Then you
repeat the process (key generation, copying public key to remote user's auth
file) for the other direction. Voilà.

> Is there anything else that I need to do to config files to get this to 
> work?
Hm, I think that should do it.

> Thanks for any and all help.
I hope I didn't miss anything.

Jan Nordholz
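
The append step from the reply above, as an added shell example that is not part of the original message. The helper name install_pubkey is hypothetical; the permission handling assumes sshd's default StrictModes setting, which makes it ignore an authorized_keys file that is writable by anyone other than its owner.

```shell
#!/bin/sh
# Added example, not from the original post. install_pubkey is a hypothetical name.
# Run it on the machine you want to log in TO, after creating a key pair on the
# client with:  ssh-keygen -t rsa   (writes $HOME/.ssh/id_rsa and id_rsa.pub)
# and copying ONLY id_rsa.pub across. The private key never leaves the client.
#
# usage: install_pubkey <public-key-file> [home-dir]
install_pubkey() {
    pubfile=$1
    home=${2:-$HOME}
    sshdir=$home/.ssh
    auth=$sshdir/authorized_keys

    [ -r "$pubfile" ] || { echo "cannot read $pubfile" >&2; return 1; }

    # A public key file is exactly one line: "<type> <base64> [user@host]".
    # A private key file has many lines, so this also catches copying the wrong file.
    [ "$(grep -c '' "$pubfile")" -eq 1 ] || { echo "expected exactly one line" >&2; return 1; }
    key=$(cat "$pubfile")

    # Accept only lines that start with a known public key type.
    case $key in
        ssh-rsa\ *|ssh-dss\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) echo "not a public key line" >&2; return 1 ;;
    esac

    # Create the directory and file if missing, readable and writable by the owner only.
    mkdir -p "$sshdir" && chmod 700 "$sshdir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1

    # Append only if this exact line is not already present, so reruns are harmless.
    if ! grep -qxF -- "$key" "$auth"; then
        printf '%s\n' "$key" >> "$auth"
    fi
}
```

If the login still asks for a password afterwards, check that the remote home directory itself is not group- or world-writable, since StrictModes checks that as well.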


