Re: Auto ssh

From: Adrian Bridgett (adrian.bridgett_at_gmail.com)
Date: 08/31/05

• Next message: Dohhhh: "Re: /tmp area is full"
• Previous message: Ian Northeast: "Re: Auto ssh"
• In reply to: Ian Northeast: "Re: Auto ssh"
• Next in thread: Admin AIX: "Re: Auto ssh"
• Reply: Admin AIX: "Re: Auto ssh"
• Reply: Richard D. Latham: "Re: Auto ssh"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

Date: 30 Aug 2005 16:13:13 -0700

Alternatively, _do_ use a passphrase, but use an ssh-agent too!
Process (from memory), machines A and B.

A: ssh-keygen -t dsa
(type passphrase)

Then copy ~/.ssh/id_dsa.pub on machine A to ~/.ssh/authorized_keys on
machine B. Technically you want to append this to authorized_keys.

Alternatively you can use this command to do this for you:
ssh-copy-id B
(type _password_ for B)

Now the ssh-agent part. Basically you run an ssh-agent on machine A,
then you tell it the passphrase which it remembers. When you then run
ssh it queries the agent and types in the password for you :-) You can
then get scripts to talk to the agent and tell it to forget the
password (e.g. when the screensaver activates) or in fact tell the
agent to forget the passphrases after so long.

So in my .profile I have:
eval `ssh-agent -s`

Then when I want to ssh, I type in "ssh-add" and type in the
passphrase. Then all the ssh's I do work automatically with no
passphrase required. I've then combined this with a program called dsh
(similar, but not identical to PSSPs one) and can now run commands
across many machines simultaneously but at the same time pretty darn
securely.

.shost definitely not required. Just ensure permissions are pretty
tight on the files, ssh can be very picky (quite right too!)

---

• Next message: Dohhhh: "Re: /tmp area is full"
• Previous message: Ian Northeast: "Re: Auto ssh"
• In reply to: Ian Northeast: "Re: Auto ssh"
• Next in thread: Admin AIX: "Re: Auto ssh"
• Reply: Admin AIX: "Re: Auto ssh"
• Reply: Richard D. Latham: "Re: Auto ssh"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

Relevant Pages Re: ssh without entering password/passphrase ... I created private and public key pairs in my local host ... > this point when I try to ssh, it asks for my passphrase and I can log ... "Could not open connection to your authentication agent". ... What you are missing is that just having ssh-agent run is not enough. ... (comp.os.linux.misc) RE: Going MAD trying to get scp working on Solaris8 - Horah - Its res olved - Or Is it.... ... The ssh-agent will indeed hold keys for use by ssh related programs. ... The key to what you want to accomplish is to make sure a SINGLE agent is ... working without entering a password or passphrase. ... (SSH) Re: Opening ports in my firewall ... >be sshing in from (or at least a group of possible machines). ... a shared key activated by a passphrase, ... bit of research on shell design, you can limit a login in any way you ... (comp.os.linux.security) Re: Auto ssh ... > Process, machines A and B. ... > then you tell it the passphrase which it remembers. ... > agent to forget the passphrases after so long. ... which is a shell script which automates quite a ... (comp.unix.aix) Re: Auto ssh ... > Process, machines A and B. ... > Alternatively you can use this command to do this for you: ... > then you tell it the passphrase which it remembers. ... > agent to forget the passphrases after so long. ... (comp.unix.aix)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• Mailing-Lists
• Newsgroups
• About
• Privacy
• Search
• Imprint

unix.derkeiler.com  > Newsgroups  > comp.unix.aix  > 2005-08