On Tuesday 28 August 2001 03:16 pm, Daniel Prosser wrote:
On 28 Aug 2001 13:47:14 -0400, dog@intop.net wrote:
on the client, do this ssh-keygen and enter no passphrase. this generates an identity and an identity.pub in /home/username/.ssh/ now copy the identity.pub to the remote machine and put it in /home/username/.ssh/ but rename it to authorized_keys now try to login via ssh and it should just go without a password prompt
This is a bad idea, IMHO. You should always use a passphrase with your SSH keys. You should have some form of proof of identity if you want to use ssh -- preferably either a passphrase or an authorized key held by ssh-agent. Otherwise, if say, your account gets compromised and the cracker finds that your ssh key has no passphrase, he only needs to look at the authorized_keys file for a list of your accounts on other hosts he can try. Bad news.
Daniel
I agree with Daniel, wasn't this how sourceforge was cracked? IMHO, insecurity for the sake of convenience is always the worst policy. -Steven -- -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- Steven Hatfield http://www.knightswood.net Registered Linux User #220336 ICQ: 7314105 Useless Machine Data: Running SuSE Linux 7.2 Professional and KDE2.2 3:23pm up 8 days, 18:27, 1 user, load average: 0.39, 0.27, 0.13 -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- Random Quote: There is no substitute for good manners, except, perhaps, fast reflexes.