[ale] automating ssh script

Keith Hopkins hne at hopnet.net
Mon Jul 29 07:50:23 EDT 2002 

Hey Drew,

   This seems like a no-brainer to me.  Just to confirm that, I tried it myself, and it worked (no passphrase prompt, no password prompt.)

   First question...when you are generating the keys (type 1 or 2), what are you entering for the "Enter passphrase" prompts?  You should hit Enter twice without typing anything.  Anything you type here will be prompted for at login.

ChangingLINKS.com wrote:
 > GENERATING TYPE 1 KEY
 > [user at change user]$ ssh-keygen -t rsa1
 > Generating public/private rsa1 key pair.
 > Enter file in which to save the key (/home/user/.ssh/identity):
 > /home/user/.ssh/identity
 > Created directory '/home/user/.ssh'.
 > Enter passphrase (empty for no passphrase):
 > Enter same passphrase again:
 > Your identification has been saved in /home/user/.ssh/identity.
 > Your public key has been saved in /home/user/.ssh/identity.pub.
 > The key fingerprint is:
 > b0:15:bd:79:c4:bd:3e:99:1b:d5:87:1e:56:62:c4:6c user at change


> COMMANDS THAT I USED TO TRY TO GET SSH TO WORK WITHOUT A PASSPHRASE
> rm -rf ~/.ssh   //to start .ssh from scratch
> ssh-keygen -t rsa1  //to generate type1 public and private keys
> cp ~/.ssh/identity.pub ~/.ssh/authorized_keys  //to make type 1 file to 
> upload to server
> cp ~/.ssh/id_dsa.pub ~/.ssh/authorized_keys2   //to make type 2 key file to 
> upload to server
> ftp ~/.ssh/authorized_keys AND  ~/.ssh/authorized_keys2 to remote machine's 
> ~/.ssh //upload files
> ssh user at shell1.host.com //test .ssh to see if it works
> eval `ssh-agent`  //do a ssh-agent on server?
> exit  //thinking I should exit to run next command locally
> eval `ssh-agent` //run ssh-agent locally
> ssh-add ~/.ssh/identity
> ssh user at shell1.host.com //testing to see if I connect passphraseLESS
> eval `ssh-agent` //failed to connect without passphrase, decided to run eval 
> on remote machine

   I don't use the ssh-agent at all, but I don't think it does what you expect it to do.

I do see some missing steps here...

   After you copy the public keys to the other server, you need to add them to the authorized_keys of the user you want to login as.  You'd do something like this:

login jimbo
jimbo$ ssh-keygen -t dsa (various prompts ensue, be sure to only hit Enter for the passphrase prompt)
jimbo$ scp .ssh/id_dsa.pub slacker at otherhost:.ssh/jimbos_pub_id
jimbo$ ssh slacker at otherhost (various prompts ensue)
slacker$ cd .ssh
slacker$ cat jimbos_pub_id >> authorized_keys   (very important missing step!)
slacker$ exit
jimbo$ ssh slacker at otherhost (no prompts should occur.  should drop staight to defined shell)
slacker$ (flashing cursor)

   Let me know what happens.

-- 
Lost in Tokyo,
   Keith



---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.

More information about the Ale mailing list