[lug] .shosts and ssh
Ferdinand P. Schmid
fschmid at archenergy.com
Tue Nov 7 08:16:22 MST 2000
This is a much better solution than what I had attempted to do. Although security
wasn't my prime concern for this particular I really like the extra peace of mind
with this approach. Next I will follow your suggestion for locking this down to
only allow file uploads.
Thanks Sean, Aaron and Rob!
Ferdinand
Sean Reifschneider wrote:
> On Mon, Nov 06, 2000 at 05:55:33PM -0700, Ferdinand P. Schmid wrote:
> >I am trying to set up a system that would allow scp (secure copy)
> >without prompting for a password. So I set up a ~/.shosts file in the
>
> Create an identity/identity.pub pair with ssh-keygen, but don't enter
> a password. Add the identity.pub to the remote host/user .ssh/authorized_keys
> file. No password required for remote access.
>
> You can also (thanks to Aaron for finding it) specify that a given key is
> only valid for certain commands and the like as well (I believe this is a
> OpenSSH addition).
>
> Note that if you want to create a special identity just for doing this, you
> can read that identity using "ssh -i identityfile".
>
> Sean
> --
> The Government: A system in dire need of performance tuning.
> VOTE! November 7, 2000
> Sean Reifschneider, Inimitably Superfluous <jafo at tummy.com>
> tummy.com - Linux Consulting since 1995. Qmail, KRUD, Firewalls, Python
>
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
--
Ferdinand Schmid
Architectural Energy Corporation
http://www.archenergy.com
(303) 444-4149
More information about the LUG
mailing list