Before you go off giving yourself a nice insecure passphraseless key... There is a little gem of a program called ssh-agent. You can use it in a shell on its own, or you can adjust your dotfiles so that it starts up every time you log into X. Used in conjunction with ssh-add, it means that you enter your passphrase once and the agent remembers it for you, and forwards it along with your SSH connections so that you can nest SSH and SCP sessions without having to re-type your passphrase. In an xterm or on console: $ exec ssh-agent bash (or whatever your shell is) $ ssh-add To run it for your entire X session, you have to change your dotfiles around so that your X session gets called as an argument to ssh-agent. I did it like this: $ mv .xinitrc .Xclients create .xinitrc that looks like: --------------------- #!/bin/sh h-agent ~/.Xclients --------------------- add the following line to .Xclients after all the "test -r" lines but before the "exec $WINDOWMANAGER" line: h-add ~/.ssh/identity </dev/null (replacing "~/.ssh/identity" with wherever your SSH private key is stored.) After all those changes, the next time you log in, you should get prompted for your SSH passphrase, and then your windowmanager will start, and you won't have to type your passphrase again. -tara On Sun, Jun 11, 2000 at 04:51:41PM -0700, Bill Moseley wrote:
Hello,
I'm trying to understand how keep SSH from asking for my password. I've been able to use the .shosts file with the known_hosts** file, but I haven't been able to use the authorized_keys method.
**(I assume the way to setup the know_hosts file is to ssh from the remote machine to my machine once and accept the key.)
I was unable to use the non-.shosts setup with authorized_keys file. I did the ssh-keygen1 command to create my local private and public keys. I then copied my identity.pub file to the remote machine and called it authorized_keys. And then I removed the .shosts file.
But, when I connect it asks for my pass phrase. I guess I thought it wouldn't ask for my pass phrase when using the authorized_keys setup.
Can someone clear up what I did wrong when trying to set up the authorized_keys method of authentication?
Also, my goal is to use a news server on my ISP, but my IP number isn't one of theirs, so I need to tunnel to their nntpd server. I do this now by issuing this:
ssh1 -g -lmoseley -L1234:nntp.my.isp.com:119 my.isp.com
And from then on I can access their news server via port 1234 (yes, ipchains blocks that port externally).
My question is this: Can I start that ssh tunnel via indetd?
I'd like to be able to just connect to that port and have the ssh tunnel started. But I can't figure out the right way to put that in my indetd.conf file. Any ideas?
How come every once in a while I get this?
Secure connection to my.isp.com refused; reverting to insecure method. Using rsh. WARNING: Connection will not be encrypted.
Is there a limit to how often I can connect via ssh?
Any way to do rdist over ssh?
Thanks!
Bill Moseley mailto:moseley@hank.org
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/