AW: [suse-security] Where to get scp
Works fine but I'm trying to figure out how to make it do the unattended trick. The whole thing with public/private keys is confusing me to bits.

I will tell you how to do it for an RSA1 type key. RSA2 is better, DSA: don't ask me.

First generate yourself a private and a public key. In older distros which know only RSA1, type

# ssh-keygen

In newer distros:

# ssh-keygen -t rsa1

This will create a private and a public key in the user's ~/.ssh directory. The files are called identity and identity.pub.

Copy the identity.pub file to the destination machine, to the user's ~/.ssh directory (assuming the user has the same name as on the source machine). Rename the file to authorized_keys, or append it if authorized_keys already exists.

On your source machine, make sure that your ssh client program tries the RSA1 protocol first by modifying /etc/ssh/ssh_config. Look for the line that begins with "Protocol".

Good luck!

Bye
Uli

--
Ulrich Roth
IMPACT Business & Technology Consulting GmbH
Im Mediapark 8 / KölnTurm
D-50670 Koeln
Phone +49-221-93 70 80-29
Fax +49-221-93 70 80-15
E-Mail: roth@impact.de

Hello!
Works fine but I'm trying to figure out how to make it do the unattended trick. The whole thing with public/private keys is confusing me to bits. I will tell you how to do it for an RSA1 type key. RSA2 is better, DSA: don't ask me.
--> It will work exactly the same way for SSH2 with an RSA or DSA key. You generate them with

ssh-keygen -t dsa
ssh-keygen -t rsa

If you want to be on the safe side, create 2048 bit long keys with the option "-b 2048". The keys will have default names of "id_dsa" and "id_rsa". On some remote systems (depending on the SSH version), you have to copy them to the file "authorized_keys2".

Another pitfall: Make sure you have restrictive rights on your home and your ~/.ssh directory. Make

chmod 700 /home/user
chmod 700 /home/user/.ssh
chmod 600 /home/user/.ssh/*

You may experiment with other settings, but these should work in any case.

If you want to connect to other flavours of unix (like HP-UX), write me a private mail if it doesn't work out. The files have different names and a different hierarchy.

HTH,
Armin
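
An added example, not part of either poster's message: a POSIX shell check for the permission pitfall described above, reporting every path that is more open than 700 (home, ~/.ssh) or 600 (files in ~/.ssh). The function names `mode_of`, `check_one` and `check_ssh_perms` are hypothetical, and treating any extra permission bit as a failure is this example's assumption.

```shell
#!/bin/sh
# Added example: audit the modes recommended in the thread
# (700 for the home directory and ~/.ssh, 600 for files inside ~/.ssh).

# Print the octal permission bits of a path (GNU stat first, then BSD stat).
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# check_one PATH MAX_MODE
# Fails if PATH is missing or has any permission bit not present in MAX_MODE.
check_one() {
    [ -e "$1" ] || { echo "MISSING $1"; return 1; }
    mode=$(mode_of "$1")
    # Leading 0 makes the shell read both values as octal.
    if [ $(( 0$mode & ~0$2 & 0777 )) -ne 0 ]; then
        echo "TOO OPEN $1 mode=$mode want<=$2"
        return 1
    fi
    return 0
}

# check_ssh_perms HOME_DIR
# Prints one line per offending path; returns 0 only if all checks pass.
check_ssh_perms() {
    home=$1
    rc=0
    check_one "$home" 700 || rc=1
    check_one "$home/.ssh" 700 || rc=1
    for f in "$home"/.ssh/*; do
        [ -f "$f" ] || continue          # skip sockets, subdirectories, empty glob
        check_one "$f" 600 || rc=1
    done
    return $rc
}

# Stand-alone use: sh check_ssh_perms.sh /home/user
if [ $# -gt 0 ]; then
    check_ssh_perms "$1"
fi
```
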
participants (2)
- Armin Schöch
- Ulrich Roth