On 02/24/2017 02:16 PM, Rich Shepard wrote:
> On Fri, 24 Feb 2017, King Beowulf wrote:
>
>> for ssh or scp (cp over ssh), you only need one pub key for the
>> connection to work. NOT the ones in /etc/ssh. One of the ones in ~/.ssh
>
> Ed,
>
> Here's what I've done; there's still something left for me to do.
>
> On laptop:
>
> 1) ssh-keygen (using same passphrase as on other hosts).
> 2) ssh-add
> 3) tried ssh-copy-id to desktop but was denied.
> 4) copied ~/.ssh/id_ed25519.pub to thumb drive.
> 5) added desktop's ~/.ssh/id_25519.pub to laptop's ~/.ssh/known_hosts.
>

No, not in "known_hosts", forget "known_hosts". That file is NOT used to
authenticate user login.

> On desktop:
>
> 1) added laptop's ~/.ssh/id_ed25519.pub to ~/.ssh/known_hosts.
>

No. See above. Doing this can prevent you from accessing the computers
remotely

>> cat laptop_key.pub > ~/.ssh/authorized_keys
>
> Now I'm confused about what should be in each host's
> ~/.ssh/authorized_keys and ~/.ssh/known_hosts.

1. take the LAPTOP id_ed25519.pub key and put it in DESKTOP
   ~/.ssh/authorized_keys
2. take the DESKTOP *.pub key and put it in LAPTOP ~/.ssh/authorized_keys

Note that even if you use the same passphrase, the private keys for each
computer are unique.

also, you need to generate the keys as a USER not ROOT!

now just from laptop

    ssh -i id_ed25519 rshepard@desktop

>
> Do the id_ed25519.pub files from one host belong in the authorized_keys
> files on other hosts? If so, what goes in the known_hosts file in each host?

known_hosts is just used to say you TRUST the remote computer.
authorized_keys tells the host what remote user is allowed to log in.

>
> Getting there,
>
> Rich
> _______________________________________________
> PLUG mailing list
> [email protected]
> http://lists.pdxlinux.org/mailman/listinfo/plug
>
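The split described in the reply (user keys go in authorized_keys, host keys go in known_hosts) can be checked mechanically. The script below is an added example, not part of the thread: the function names are hypothetical and the sample key is constructed. It appends a public key to authorized_keys without overwriting the file, and reports known_hosts lines that are really a pasted user key.

```shell
#!/bin/sh
# Added example; function names are hypothetical, the key below is constructed.
KEY_TYPES='ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp[0-9]+|sk-[a-z0-9-]+@openssh\.com'
SAMPLE_PUB='ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConstructedSampleKeyNotARealOne000000000 rshepard@laptop'

# install_pubkey PUBFILE SSHDIR
# Append a user's public key to SSHDIR/authorized_keys: never overwrite the
# file, skip duplicates, and set modes that pass sshd's StrictModes check.
install_pubkey() {
    pub=$1; dir=$2
    line=$(head -n 1 "$pub") || return 1
    # Accept only "<keytype> <base64> [comment]"; a private key file fails here.
    printf '%s\n' "$line" | grep -Eq "^($KEY_TYPES) [A-Za-z0-9+/=]+( |\$)" || {
        echo "refusing: $pub is not a public key" >&2
        return 1
    }
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    touch "$dir/authorized_keys" && chmod 600 "$dir/authorized_keys" || return 1
    # -x whole line, -F fixed string: append only if the key is not present yet.
    grep -qxF -- "$line" "$dir/authorized_keys" ||
        printf '%s\n' "$line" >> "$dir/authorized_keys"
}

# misplaced_user_keys KNOWN_HOSTS
# Print the line numbers of entries whose first field is a key type, which is
# what a pasted id_*.pub looks like. Real known_hosts entries start with a
# host name, a hashed host (|1|...) or a marker such as @cert-authority.
misplaced_user_keys() {
    [ -f "$1" ] || return 0
    grep -nE "^($KEY_TYPES) " "$1" | cut -d: -f1
}

demo() {
    tmp=$(mktemp -d) || return 1
    printf '%s\n' "$SAMPLE_PUB" > "$tmp/laptop_key.pub"
    printf '%s\n' "$SAMPLE_PUB" > "$tmp/known_hosts"   # the mistake from the thread
    install_pubkey "$tmp/laptop_key.pub" "$tmp/ssh" &&
        install_pubkey "$tmp/laptop_key.pub" "$tmp/ssh"    # second call adds nothing
    echo "authorized_keys entries: $(wc -l < "$tmp/ssh/authorized_keys")"
    echo "known_hosts lines holding a user key: $(misplaced_user_keys "$tmp/known_hosts")"
    rm -rf "$tmp"
}
demo
```

On a real host the second argument would be the target account's ~/.ssh, and the script should run as that user rather than root so the files end up with the right owner.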
