On Sun, Oct 10, 2004 at 02:14:32PM -0700, Joe Schmoe wrote: > > --- Matthew Seaman <[EMAIL PROTECTED]> > wrote: > > > For ssh(1) to work using key based auth, all of the > > files in > > ~user/.ssh on the server must have the correct > > permissions, and the > > host public keys for the server should be known to > > the client machine, > > and vice versa. > > > No no ... I was talking about _host_ keys, not user > keys - no user home directories should be involved at > all. I am simply sharing host keys so that all users > on CLIENT can login to SERVER with no passwords ... am > I missing something here ?
Errr... That's not recommended, but it should be possible. They are your systems, and you can do whatever you want with them. The procedure I gave about using sshd with all the debug flags turned on should still be helpful for debugging the setup. You'll also need HostbasedAuthentication yes but you should have #RhostsRSAAuthentication no because you don't want to be using SSH1 if you can avoid it. Plus you maybe want: IgnoreRhosts yes IgnoreUserKnowHosts yes in your /etc/ssh/sshd_config on the server. > I think my problem is that I gave the public _host_ > key of the CLIENT to the SERVER, but really I should > give the public _host_ key of the SERVER to the CLIENt > ... is that my problem ? Yes, you will need to populate /etc/ssh/ssh_known_hosts on both client and server. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK
Description: PGP signature