On Wed, Feb 28, 2007 at 03:42:48PM +0100, Giacomo Montagner wrote: > > > Hi! > Usually I do not change anything in ssh configuration. All I do is this: > > On source machine: > > user1@host1:~$ ssh-keygen -t dsa > <use empty passphrase> > > user1@host1:~$ cat ~/.ssh/id_dsa.pub > > On destination machine: > user2@host2:~$ vi ~/.ssh/authorized_keys > <paste the content of user1@host1's id_dsa.pub and save the file> > > Now you should be able to do: > user1@host1:~$ ssh user2@host2 > > without needing to type any password. > > Hope this helps. > Ahh. That's what I was afraid of. Having ssh keys without a passphrase is convenient, but very insecure. You are better off without the keys. For the longest time I did not understand that, then some kind soul on this list pointed to ssh-agent and keychain. Very minor inconvenience (enter the passphrase once when you login), and *much* more secure. Regards, -Roberto -- Roberto C. Sanchez http://people.connexer.com/~roberto http://www.connexer.com
Attachment:
signature.asc
Description: Digital signature