[NBLUG/talk] OpenSSH2 with public key (no password)

E Frank Ball frankb at efball.com
Fri Jul 11 11:05:01 PDT 2003 

On Fri, Jul 11, 2003 at 01:53:28PM -0400, Bob Blick wrote:
} Hi everyone,
} 
} It seems every time I try to use something that has BSD-style
} "documentation" I get real frustrated.
} 
} Basically I'm trying to use scp or scftp in batch mode, so I must first
} have the two machines set up to do ssh without a password. Note that this
} is two linux boxes that ssh fine using a password. Client is behind an NAT
} firewall.
} 
} The docs I've read say to generate a key pair on the client, which I have,
} copy the public key to host as ~/.ssh/authorized_keys2 and then bingo it
} should work. However it doesn't. Tried both rsa and dsa.

With openssh the file is just ~/.ssh/authorized_keys.  No "2" on the
end.  ssh2 (not openssh using protocol 2, the real ssh2) used the
filename with the 2 appended.  If you generate a key pair with no key
phrase, and this is allowed in the sshd_config file, then it should
work.  I do this at work for pushing out config file updates to my dozen
linux boxes.


} Also read somewhere I need to have ssh-agent running. Tried that on the
} client but got no help from the "documentation" so it's likely it needs
} some config file to work properly. I have a feeling this is where the real
} trouble is, since I do not normally have this service running on the
} client and the host machine is not mine and does not have this service
} running either.

I'm not using ssh-agent.  ssh-agent should allow you to use key pair
that have a pass phrase, you enter the phrase once, and ssh-agent takes
care of it from then on.  That's my understanding at least, I've never
used it except with putty on windows and that was a frustrating
experience.


} Also read somewhere I need to do it completely differently, create a .ssh2
} directory and a file within called autorization with the line "key
} public_key_name" and do something complementary on the client. No
} satisfaction there.

Again this only refers to the real ssh2, not openssh using protocol 2.
With openssh it works just like ssh1.

-- 

   E Frank Ball                frankb at efball.com

More information about the talk mailing list