[lug] OpenSSH

[Mark Horning]

"D. Stimits" wrote:

<snip>
> > 1) As the user who will login, issue 'ssh-keygen'
> >    Follow all prompts, but make certain not to use a passphrase on this secret
> >    key.
> > 2) Copy the file $HOME/.ssh/identity.pub to $HOME/.ssh/authorized_keys on the
> >    server to which you will log in.
> > 3) On the server you log into, find the file 'sshd_config', and make the
> >    following changes to it:
> >    -----
> >    PasswordAuthentication no
> >    PermitEmptyPasswords yes

I didn't need to do the above for my setup

> >    -----
> > 4) Restart sshd
> > 5) chown -R user:group $HOME/.ssh
> > 6) chmod 0700 $HOME/.ssh ; chmod 0600 $HOME/.ssh/*
> >
> > You should now be able to login successfully.
> 
<snip>

> guessing is done as follows: In /etc/sshd/, I created subdirectory
> known_hosts, and within that, I placed the opposite machine's
> /etc/sshd/*.pub files (I did this from machine A to machine B, and
> machine B to machine A, copying the two key files over, one key being
> marked as ssh_host_dsa_key.pub, the other simply ssh_host_key.pub).
> Again, I restarted each server.
> 
known_hosts should probably be a file in the user's .ssh 
directory. You would put the host's .pub key file from the
remote host there.

<snip>

> User "x" on both machines ran ssh-keygen, without a pass phrase. This
> generated ~/.ssh/, with files identity, identity.pub on each machine. On
> machine B I wasn't sure about how to add authorized keys, and made some
> guesses, creating directory ~/.ssh/authorized_keys/. Within that
> directory I placed the relevant identity.pub of user "x" of machine A.
> 
identity.pub from the remote machine is added to a file in the
user's .ssh directory called authorized_keys

<snip>


-- 

Mark Horning
rip6 at rip6.net