Re: ssh / scp / batch mode

noi staggered into the Black Sun and said:
On Fri, 23 Mar 2007 07:53:55 -0700, rh00 wrote this:
I am confused in ssh. I want to login without password (batch mode)
userA@client connecting to userB@server
- creating the key-pair in client with
ssh-keygen -t rsa1 (NO passphrase)

RSA? I thought most places used DSA, but ICBW.

cat identity.pub (userA@client) >> authorized_keys (userB@server)

authorized_keys, not authorized_keys2?

ssh-keygen -t dsa (NO passphrase)
cat id_dsa.pub (userA@client) >> authorized_keys2 (userB@server)

I would appreciate any comments and/or reference about which host,
[parameters, configurations, whatever] [defines] the [standards] used
by [clients and servers] (RSA1, RSA, DSA)
I think you only need one key RSA or DSA. cat to authorized_keys, not
authorized_keys2? authorized_keys should show both sets of keys.

clairissa:~/.ssh$ ls
authorized_keys2 id_dsa id_dsa.pub known_hosts

....no authorized_keys file at all. IIRC, authorized_keys was used by
ssh protocol version 1. You can see a lot of what's going on by using
the -v switch to ssh. Here, ssh checks for RSA keys (not there), DSA
keys (there), and offers the DSA public key to the server. Server
accepts, because the id_dsa.pub has been appended to the
authorized_keys2 file on the server.

The behavior of sshd is mostly governed by its config file,
/etc/ssh/sshd_config , which has a man page. Also note that ssh is
very strict about permissions; it'll complain unless ~/.ssh is chmodded
700 and the files within ~/.ssh are chmodded 600. (Gotta keep your
private key private, after all!) HTH,

--
If you're looking for trouble, I can offer you a wide selection.
Matt G|There is no Darkness in Eternity/But only Light too dim for us to see
.

Relevant Pages

  • Re: SSH keys: RSA vs DSA
    ... >> Ssh protocol version 2 can use RSA as well as DSA keys. ... > DSA is an old and fairly weak encryption, ...
    (comp.os.linux.security)
  • Re: Multiple keys in .ssh/authorized_keys file?
    ... It's not necessary but may be useful depending on your configuration. ... provided you have your ssh2 private keys on the nodes you expect to ... DSA is mandatory in the spec while RSA is recommended. ...
    (comp.security.ssh)
  • DSA & Symmetric Keys
    ... Presumably when an ssh connection is made the client and the server ... if the server is using a DSA key to identify itsself.. ... rather than RSA, and both the host key and my user's public key are DSA. ...
    (comp.security.ssh)
  • Re: ssh and .rhosts or .shosts
    ... I've always used .ssh/authorized_keys2 for ssh2 ... keys like rsa and dsa, ... only for rsa1 keys. ...
    (comp.unix.solaris)
  • Re: Publick key authentication problem
    ... binary format needs to used otherwise the keys get ... For me to be able to connect to the server, ... keys were taken on my system in ascii format. ... might be with dsa on one side and rsa on the other. ...
    (SSH)