[NTLUG:Discuss] SSH problem explained
MadHat
madhat at unspecific.com
Mon Feb 18 09:29:41 CST 2002
One (of the many) problem I had, was where I was trying to show how to
get the server to prompt for the ssh-agent pass-phrase instead of the
password, the reason it didn't work is because I set up the key at
madhat-laptop, and then was ssh'ing to localhost, if I had been ssh'ing
to madhat-laptop, it would have seen that the key was generated on the
host I am coming frmo and would have prompted me for the passphrase
first.
So, if I generate my keyfiles on host-a and then copy my id*.pub file
over to host-b and put it in my .ssh/authorized_keys[2], then when I ssh
from host-a to host-b, before running my ssh-agent & aah-add, it will
see a key was generated on host-a and ask for the pass-phrase, if it
fails, it will then drop back to passwords, if they are allowed.
Hope that makes sense.
Oh and doing a 'make install' on the openssh.com source does install the
host keys. From the Makefile
install: $(CONFIGFILES) $(MANFILES) $(TARGETS) install-files host-key
and then 'host-key' says to check existing keys and if they don't exist
run ssh-keygen, so it really does install the host keys... really, I
promise.
Anyway, I hope to have the notes and "stuff" done tomorrow and will post
a link as well as haev it linked off the calendar page on ntlug.org
Thanks again to everyone who made it, I hope to do some more
presentations this year.
--
MadHat at Unspecific.com
gpg --keyserver wwwkeys.us.pgp.net --recv-keys 9DDC3E98
Key fingerprint = E786 7B30 7534 DCC2 94D5 91DE E922 0B21 9DDC 3E98
More information about the Discuss
mailing list