> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Francesc Guasch
>
> I have openssh-2.5.2p1
>
> I need to allow all the users of one server log into
> another. I managed to get one user log. I don't know
> exactly how because it took me four hours and I tried
> all the possible combinations of hosts and options.
>
Hi,
Does this mean that you want them to log in without
passwords? Is there a one to one mapping between
accounts?
Also useful would be details of the operating systems
on the machines, and the number of accounts involved.
> The last thing I did was do the public key setup
> and add known_hosts to the server. It's a tough
> thing to do. I find it very hard. really really.
> Maybe I missed some doc somewhere but I did search hard.
>
Ssh supports a number of authentication methods. The simplest
(and least secure) is the allow rhost authentication.
This would be the only one which involves hosts.equiv.
My belief is that the ssh2 protocol no longer supports
rhosts/hosts.equiv, which might be related.
As regards public keys, surely as script to automate the
process would help:
#!/bin/ksh
# this is a completely untested script which generates
# user keys, and copies them to accounts on remote machines.
#
# BUGS: it completely clobbers the authorized_keys file on the
# remote machine. The sys-admin has to stand around typing <cr>
# all the time. It assumes that the accounts on the two machines
# are named the same.
for user in `cat /etc/passwd | sed 's/:.*//'`; do
su - $user -c /usr/local/bin/ssh-keygen
scp /home/$user/.ssh/identity.pub
$user@other-machine:/home/$user/.ssh/authorized_keys
ssh root@other-machine chown $user /home/$user/.ssh/authorized_keys
done
---
regards
Kieran
