[vox-tech] How can I configure SSH for passwordless auth?

Mark K. Kim vox-tech@lists.lugod.org
Thu, 14 Nov 2002 18:38:00 -0800 (PST)


Hmm...  Not an expert here, but...

If you setup the system so you can login from CSIF to your home machine
without password checking then anyone who works for CSIF can become you
and access your home machine as you... right?

I guess the same would apply if someone can read your key ring so... set
the permissions correctly.

-Mark


On Thu, 14 Nov 2002, Samuel Merritt wrote:

> On Thu, Nov 14, 2002 at 12:26:40PM -0800, Ken Bloom wrote:
> > I'd like to be able to login to my account in the CSIF lab with the
> > standard DSA or RSA mechanism in SSH so that I don't have to enter a
> > password when I log in. I've tried following the directions on the ssh
> > manpage, and the ssh-agent manpage to no avail.
> >
> > Can someone give me directions how to configure this? My username is the
> > same on both systems, and my goal is to turn this into a bidirectional
> > process, so I can connect to CSIF from my computer or connect to my
> > computer from CSIF.
>
> The CSIF uses commercial SSH, not OpenSSH.
>
> First, you'll need to convert your public key to SECSH format.
> "ssh-keygen -e -f public_key_file" is the tool for this job.
>
> Then, on the CSIF, create ".ssh2" in your $HOME, if it isn't already
> there. Put your SECSH-format public key into $HOME/.ssh2/some_filename
> and then put the line "key some_filename" into
> $HOME/.ssh2/authorization.
>
> That'll get you set up for public-key authenticated logins to the CSIF.
> Coming from the CSIF is largely the same process, but in reverse.
>
> --
> Samuel Merritt
> OpenPGP key is at http://meat.andcheese.org/~spam/spam_at_andcheese_dot_org.asc
> Information about PGP can be found at http://www.mindspring.com/~aegreene/pgp/
>

-- 
Mark K. Kim
http://www.cbreak.org/
PGP key available upon request.