I have not come across "ssh-copy-id utility" - it looks like a linux only utility which simply achieves the purpose of copying the public key to the server. This is the same thing you would usually do using the secure copy "scp" utlity which you will find on most *nix based machines including OSX by default.
You have some interesting comments about limiting the ssh access to commands etc - but I am not sure if this is regular security advice? My take on this has been that you MUST have a secure local machine - and the security critical part is generating the key and transferring it to the server without someone gaining access at either of these stages. People go as far as to generate the keys on special hardware or offline machines. Do you have any references to the text on the page regarding limiting ssh access? 2008/5/20 Josh Mellicker <[EMAIL PROTECTED]>: > If you're setting up ssh key pairs, you won't need to use "expect" because > no password is needed. > > I started following this article: > > http://www.sakana.fr/blog/2008/05/07/securing-automated-rsync-over-ssh/ > > but got stuck at "We can use the ssh-copy-id utility for this purpose" > since I have no such utility. I was going to manually add the key pair to > "~/.ssh/authorized_keys " on the remote host, but I'm not sure what "~" > signifies on a Linux box. (on OS X it's the user directory) > > But Sarah's solution seems to work great. Yes - I'd still like to apply the same "expect" technique to ssh-keygen as it has more general application to other command-line utilities and offers increased security. > One caveat, with rsync, I have not figured out how to provide a progress > slider! > For that you need I think the 2.9 ability to write and read to the open process - and then have rsync give some feedback with command line options??? Not sure. _______________________________________________ use-revolution mailing list [email protected] Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-revolution
