Re: From the begining with ssh..PLEASE HELP!!

From: Nico Kadel-Garcia (nkadel@bellatlantic.net)
Date: 03/01/02 

From: "Nico Kadel-Garcia" <nkadel@bellatlantic.net>
Date: Fri, 01 Mar 2002 13:44:04 GMT

"Wipe_out" <wipe_out@go.com> wrote in message
news:a5nofd$7uc$1@helle.btinternet.com...
> Hi..
>
> I am trying to get to a situation where I can issue a command on PC-A that
> will connect to PC-B and run a perl script..I want it to use public key
> authentication and not prompt me for a password because the command will
be
> run by cron..I have read the man pages and they are not helping me..
>
> 1. I know I have to create the keys with ssh-keygen,do I run this on PC-A
or
> PC-B?

"Yes."

The user on PC-A needs the private part of the key. The public part of the
key needs to reside in wherever the PC-B keeps its authorized key files for
remote login.

What OS's and SSH tools are you running? I assume Linux or a UNIX on both?

> 2.Which do I use "-t dsa" or "-t rsa" or do I just run ssh-keygen with no
> switch?or should I run all 3 options?

This is only critical if you're picky about which type of key you are using
(due to software versions and which protocol you want). Some folks these
days really like SSH2, and its associated DSA keys. I don't.

> 3.While creating the key pairs it prompts for a passphrase...should I
enter
> one or just leave it blank?is leaving it blank a problem?

Leaviing it blank is only a problem if someone steals your private key and
uses it for something else. Richard Silverman (bless him!) keeps publishing
pointers about how to best set up passwordless access. You might poke around
for it.

> 4.I need to copy the contents of the ".pub" files to
> "authorized_keys"file..must this file be stored in the "/root/.ssh"
> directory on PC-A or PC-B??

PC-B. It is the one that needs to allow someone else in as root who already
has the right private key.

> 5.Is host name resolution an issue if .rhost authentication has been
> disabled??..In other words do I need to setup host files on either of the
> PC's or do I need to get DNS setup for it to work..

DNS helps: the normal settings cause a reverse DNS lookup to occur for all
incoming connections, and that creates a big old delay. Take a look at the
"sshd" command-line options to set up your server without this feature if
you like.

> 6.Is there anything specific that needs to be configured in the
> "sshd_config" or "ssh_config" for it to work with public key
> authentication??

> Thnaks a Lot...

A couple of things: take a look at the default file, and at the manual page
for sshd_config.

Relevant Pages

  • Re: Is wireless file transfer reliable?
    ... I have enabled file and printer sharing and that all works. ... PC-B finds PC-A in Computers Near Me, and I signon using the password I have setup. ...
    (microsoft.public.win2000.networking)
  • Re: Remote Desktop Connection on a LAN?
    ... From PC-B I can RDC to PC-A and gain control of it. ... Whenever I try I quickly get an error message "The connection was ...
    (microsoft.public.win32.programmer.networks)
  • Re: RDP fails, XP Pro to XP Pro
    ... I've looked at services running on both PCs (PC-A is able to accept RDP ... Windows firewall is off. ... If you run the "netstat -a" command on PC-B does it show the computer listening on TCP Port 3389? ... Al Jarvi (MS-MVP Windows Networking) ...
    (microsoft.public.windowsxp.work_remotely)
  • Unable to connect other PCs in local LAN
    ... NT4 Standalone-server ... WORKGROUP name of local LAN: EXAMPLE (only DHCP is simulated by PC-B which runs ICS) ... For a fresh installation of NT4, I was able to connect PC-A to the rest of the workgroup named EXAMPLE. ...
    (microsoft.public.win32.programmer.networks)