Thank you ...that worked ... B
On Sat, 05 Mar 2005 14:21:27 -0500, [EMAIL PROTECTED] wrote > > so far i have done > > > > edit /etc/sshd_config > > > > Port 22 > > Protocol 2 > > PermitRootLogin no > > MaxStartups 5:50:10 > > X11Forwarding no > > PrintLastLog yes > > SyslogFacility auth > > LogLevel VERBOSE > > PasswordAuthentication no > > PermitEmptyPasswords no > > Banner /etc/issue > > AllowGroups sshusers <-- this exsists > > > > # create some group that you can put OpenSSH users into > > Next, we'll open and edit /etc/ssh/ssh_config > > > > [EMAIL PROTECTED] /dir]#vi /etc/ssh/ssh_config > > > > ForwardAgent no > > ForwardX11 no > > PasswordAuthentication no > > CheckHostIP yes > > Port 22 > > Protocol 2 > > > > then i su to unpriv user and ran ssh-keygen -d > > > > then i did > > cat id_dsa.pub > authorized_keys2 > > make sure you have a line in /etc/ssh/sshd_config that points to > this, like so: > > AuthorizedKeysFile .ssh/authorized_keys2 > > If it's commented out that's okay (default) just make sure it's the > same filename you've used! > > (Incidentally, on my 5.3 box it's set as .ssh/authorized_keys) > > > > > then copy the id_dsa.pub to a floppy so that i could transfer the dsa key to > > the machine from which id be accessing the unix box. > > > > No, you need to put the PRIVATE key (id_dsa by default) on the > client machines in the .ssh directory under each users' home dir. > The PUBLIC key stays on the server in authorized_keys as you've done > above. Make sure this key and the directory it's in is accessible > only by the user you want. > > Hope that helps, > > G > > _______________________________________________ > [email protected] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" -- Brent Bailey CCNA Bmyster LLC Computer Networking and Webhosting Network Engineer, Webmaster, President http://www.bmyster.com [EMAIL PROTECTED] 207-490-5992 _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
