Re: ssh no password problem

On Sun, Aug 31, 2008 at 11:30:51AM -0400, Jorge Luis wrote:
On Sun, 31 Aug 2008, Adel ESSAFI wrote:

I have followed exactly the instruction but still with the same problem.

135 ssh-keygen -t dsa
137 cd .ssh/
139 cat id_dsa.pub >> authorized_keys2
141 chmod 644 authorized_keys2

when I do ssh localhost , i get still this

oar@lion:~$ ssh localhost
*Enter passphrase for key '/home/oar/.ssh/id_dsa':*

Perhaps what you're looking for is ssh-agent, a program that provides a
relatively secure way of storing your ssh passphrase. You can link the
agent to your GNOME login keyring so that your login password will
suffice for subsequent ssh sessions. There are different opinions on
the matter, but I'm not usually comfortable with passphraseless ssh
keys. Ssh-agent gives you the best of both worlds. Start with man
ssh-agent.

Quite right (your diagnosis that is), if you set up for ssh
'passwordless' login then it will ask for the passphrase key.

If you want *really* passwordless login then there are two ways to do
it, both (obviously) reduce security.

1 - As above, use ssh-agent, this allows you to enter the passphrase
once for a 'session'. A session in this context usually means an X
session. Thus the security of your login depends on how secure your X
session is, if someone else can use your computer screen (while you're
eating lunch or whatever) they can get to your ssh logins.

2 - When you create the ssh key enter a NULL passphrase. With a NULL
passphrase you will not get prompted for a passphrase key when you do
an ssh login and it will be totally passwordless. Similar security
issues apply, anyone who can login as 'you' to the client ssh machine
will be able to login to the remote machine as you using ssh.

Thus, basically, if your machine is reasonably physically secure (e.g.
a home machine and you trust the rest of the family) it's not
unreasonable to use either of the above approaches.

--
Chris Green

--
ubuntu-users mailing list
ubuntu-users@xxxxxxxxxxxxxxxx
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users

Relevant Pages

  • Re: SSH login automation, get stuck at the last step.
    ... The ssh server that I am copying the public key to is not a typical ... The user "root" to login this box can not access the ... puts stderr "EXP username requested and sent " ...
    (comp.lang.tcl)
  • Re: BSM, SSH, and Session ID
    ... Are you logging in as root through ssh or is that just the way it is ... Sun SSH/OpenSSH should fork off before the login because the sshd ... It should always be a different session, ...
    (Focus-SUN)
  • Re: BSM, SSH, and Session ID
    ... I can't recall how Sun SSH on Solaris 9 behaves but recent versions of Sun SSH/OpenSSH should fork off before the login because the sshd process that a user is connected to after authentication runs with their privileges, ... It should always be a different session, even if the user login is root. ...
    (Focus-SUN)
  • Re: twice ftp
    ... Create your ssh keys then it won't ask; ... Enter passphrase: ... Last login: Sat Jan 7 20:03:46 2006 from oscar ...
    (alt.os.linux.suse)
  • SUMMARY: how to set correct path?
    ... ven if we login with ssh. ... For BASH login shell, place the system wide ENV variables, such as PATH, ... You can set Use_login in the sshd_config to yes and restart sshd. ...
    (SunManagers)