Chris Pitzer talked about ssh-copy-id, you can find his notes online at: http://blog.christopherpitzer.com/2010/ssh-copy-id/
I mentioned that it's possible to use a persistent program to load your SSH keys, which will ask you to enter the passwords for your keys, and then keep them loaded in memory so you don't have to keep re-entering the key passwords. "keychain" is a third-party program for use with OpenSSH to keep your credentials in memory and accessible across logins, and continues to run until the machine is shutdown or the keychain or agents are deliberately stopped. MacOS and some UNIX distros may provide a specialized way to do this. Details on using the keychain program: http://www.gentoo.org/proj/en/keychain/ Typical usage from a bash shell: # Start the keychain and add your keys, which may ask for passwords -- I # keep my keys in ~/.ssh and give them names ending with "_rsa" and "_dsa": keychain ~/.ssh/*_{dsa,rsa} # Load the credentials into a session (the file sourced is created by "keychain"): . ~/.keychain/${HOSTNAME}-sh* # You can combine these steps together by using a single bash function, # that can start keychain if needed and load your credentials. You can run # this function from .Xsession and again any time you need to load # credentials from a session that's not managed by X (e.g., you SSH into a # machine already running your keychain). Here's the function: keychainize () { keychain ~/.ssh/*_{dsa,rsa}; . ~/.keychain/${HOSTNAME}-sh*; } If you're looking for something more lightweight and standard, you can use "ssh-agent", which is what "keychain" is providing a wrapper for. "ssh-agent" is a program that comes with OpenSSH and keeps your credentials in memory. It lets you enter the passwords for your SSH keys once on startup and keep using the keys without passwords for the duration of your session. For details read: http://www.securityfocus.com/infocus/1812 Typical usage from a bash shell: # Start the agent, it's not smart enough to realize one's already running eval `ssh-agent` # Add your keys to the agent, which may ask for passwords ssh-add ~/.ssh/*_{dsa,rsa} # See what keys you've got loaded, if curious ssh-add -l # Use your credentials without having to re-enter passwords ssh myusern...@myhostname -igal _______________________________________________ Portland mailing list [email protected] http://mail.python.org/mailman/listinfo/portland
