On Wed, 11 Oct 2000, Marco wrote:
time we use ssh with a useraccount which has no password. sounds unsecure eh ? :) i know that it is possible for everyone on the machine "a" to connect to machine "b" when he knows 1) the non-password useracc and 2) the ip where the ssh-key with no-password is stored.
I don't know very sure whether this sollution is better, but you could allow a specified account (say xxyyz) on machine A to connect to a (you could name the same account) on machine B without password but by using the .rhost file of xxyyz@B (containing a line with "A xxyyz") which when ssh is (im?)properly defined (ssh documentation points it out as a lesser secure way), allows user xxyyz to connect to machine B as user xxyyz originating from machine A only, without having to enter a password. When on both machines password is DISABLED (not unset, but set to a value that can never be generated so no one (except for root) can login (or su) to that user xxyyz (on both systems A and B)), this should solve your problem. ******* Groetjes vanwege ***** Greetings From ******* Dieter Demerre - http://www.angelfire.com/de/ddemerre ddemerre@acm.org - ext.dieter.demerre@siemens.be Although this private and confidential e-mail has been sent to you through a personal Siemens account, it does NOT represent any official opinion of Siemens. If you are not the intended recipient of this e-mail and have received it in error, please notify the sender by replying with 'received in error' as the subject and then delete it from your mailbox.