Re: ssh
On 2/28/07, Roberto C. Sanchez <roberto@connexer.com> wrote:
On Wed, Feb 28, 2007 at 03:42:48PM +0100, Giacomo Montagner wrote:
>
>
> Hi!
> Usually I do not change anything in ssh configuration. All I do is this:
>
> On source machine:
>
> user1@host1:~$ ssh-keygen -t dsa
> <use empty passphrase>
>
> user1@host1:~$ cat ~/.ssh/id_dsa.pub
>
> On destination machine:
> user2@host2:~$ vi ~/.ssh/authorized_keys
> <paste the content of user1@host1's id_dsa.pub and save the file>
>
> Now you should be able to do:
> user1@host1:~$ ssh user2@host2
>
> without needing to type any password.
>
> Hope this helps.
>
Ahh. That's what I was afraid of. Having ssh keys without a passphrase
is convenient, but very insecure. You are better off without the keys.
For the longest time I did not understand that, then some kind soul on
this list pointed to ssh-agent and keychain. Very minor inconvenience
(enter the passphrase once when you login), and *much* more secure.
I use this method, (without passphrase) to be able to run script (with
cronjob) from one machine into other, if I put a passphrase that is
not going to work, am I right?
Anyway to get my key, a "hacker" will need access to my PC right? if
both PCs are secured there should be no chance to get my keys stolen.
--
Guillermo Garron
"Linux IS user friendly... It's just selective about who its friends are."
(Using FC6, CentOS4.4 and Ubuntu 6.06)
http://feeds.feedburner.com/go2linux
http://www.go2linux.org
Reply to:
- Follow-Ups:
- Re: ssh
- From: Sven Arvidsson <sa@whiz.se>
- Re: ssh
- From: "Roberto C. Sanchez" <roberto@connexer.com>
- References:
- Re: ssh
- From: "Guillermo Garron" <guillermo.fedora@gmail.com>
- Re: ssh
- From: "Guillermo Garron" <guillermo.fedora@gmail.com>
- Re: ssh
- From: "Roberto C. Sanchez" <roberto@connexer.com>
- Re: ssh
- From: "Giacomo Montagner" <mantager@gmail.com>
- Re: ssh
- From: "Roberto C. Sanchez" <roberto@connexer.com>