Saturday, January 28, 2006

adding RSA auth

Copying and pasting from the ssh man page:

ssh implements the RSA authentication protocol automatically. The user creates his/her RSA key pair by running ssh-keygen(1). This stores the private key in $HOME/.ssh/identity and the public key in $HOME/.ssh/identity.pub in the user's home directory. The user should then copy the identity.pub to $HOME/.ssh/authorized_keys in his/her home directory on the remote machine (the authorized_keys file corresponds to the conventional $HOME/.rhosts file, and has one key per line, though the lines can be very long). After this, the user can log in without giving the password.

Now copy/pasting from a mail I wrote before:

Procedure:
Run as whichever user you want to connect as:
ssh-keygen -t rsa

Don't enter any passphrase if you want it to be automated.

Copy the key file (.ssh/id_rsa.pub by default) to the next line of the ~/.ssh/authorized_keys file of whichever system you want to connect to. If the file doesn't exist, just copy the key file to the authorized_keys file.

And disabled password-based authentication for security:

in /etc/sshd_config, the lines

PasswordAuthentication no
PermitEmptyPasswords no
KerberosOrLocalPasswd no
UsePAM no

Checked it by first logging on as sgh from the AfriStar playout machine; then, after the changes, tried again and it said:

Permission denied (publickey,keyboard-interactive)..

Could've just tried as a different user - even the root account on my local machine is denied. :-)
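
The procedure above as repeatable shell functions, added here as an example (not part of the original post or mail; the function names are hypothetical). It appends the key only once, sets the directory and file modes that sshd's default StrictModes check accepts, and reads the four config lines the way sshd does: keywords are case-insensitive and the first occurrence wins.

```shell
#!/bin/sh
# Added example (not from the original post); function names are hypothetical.

# install_pubkey PUBFILE [AUTHFILE]: run on the system you connect to.
# Appends the key as a new line of authorized_keys, once.
install_pubkey() {
    pub=$1
    auth=${2:-$HOME/.ssh/authorized_keys}
    dir=$(dirname "$auth")
    [ -s "$pub" ] || { echo "no key in $pub" >&2; return 1; }
    key=$(head -n 1 "$pub")
    # Modes that sshd's default StrictModes check accepts.
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1
    # Key already listed: nothing to do, so reruns never duplicate it.
    grep -qxF -- "$key" "$auth" && return 0
    # Last line has no newline: add one so two keys are not glued together.
    if [ -s "$auth" ] && [ -n "$(tail -c 1 "$auth")" ]; then
        echo >> "$auth"
    fi
    printf '%s\n' "$key" >> "$auth"
}

# sshd_setting CONFIG KEYWORD: value sshd takes from the global part of CONFIG.
# Keywords are case-insensitive and the first occurrence wins; stops at the
# first Match block and does not follow Include. Prints "(unset)" if absent.
sshd_setting() {
    awk -v want="$2" '
        BEGIN { want = tolower(want); val = "(unset)" }
        /^[ \t]*#/ { next }
        tolower($1) == "match" { exit }
        tolower($1) == want { val = $2; exit }
        END { print val }
    ' "$1"
}

# check_password_auth_off CONFIG: succeeds only if the file sets the four
# lines from the post to "no", and names each one that it does not.
check_password_auth_off() {
    rc=0
    for k in PasswordAuthentication PermitEmptyPasswords \
             KerberosOrLocalPasswd UsePAM; do
        v=$(sshd_setting "$1" "$k")
        [ "$v" = no ] || { echo "$k is $v, expected no" >&2; rc=1; }
    done
    return $rc
}
```

On the server, `sshd -T` prints the configuration sshd actually resolves, which is the authoritative check after editing the file.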
