Thanks for the security tip, I hadn't thought of that. I have removed my CSIF public key from my local authorized_keys file. I looked at other people's proposed solutions, but they all undo the convenience that I was hoping to gain, so I'm now only going to use the CSIF key to connect to other machines in the CSIF labs.
> ---ORIGINAL MESSAGE--- > Date: Thu, 14 Nov 2002 18:38:00 -0800 (PST) > From: "Mark K. Kim" <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: Re: [vox-tech] How can I configure SSH for passwordless auth? > Reply-To: [EMAIL PROTECTED] > > Hmm... Not an expert here, but... > > If you setup the system so you can login from CSIF to your home machine > without password checking then anyone who works for CSIF can become you > and access your home machine as you... right? > > I guess the same would apply if someone can read your key ring so... set > the permissions correctly. > > -Mark > > > On Thu, 14 Nov 2002, Samuel Merritt wrote: > > > On Thu, Nov 14, 2002 at 12:26:40PM -0800, Ken Bloom wrote: > > > I'd like to be able to login to my account in the CSIF lab with the > > > standard DSA or RSA mechanism in SSH so that I don't have to enter a > > > password when I log in. I've tried following the directions on the ssh > > > manpage, and the ssh-agent manpage to no avail. > > > > > > Can someone give me directions how to configure this? My username is the > > > same on both systems, and my goal is to turn this into a bidirectional > > > process, so I can connect to CSIF from my computer or connect to my > > > computer from CSIF. > > > > The CSIF uses commercial SSH, not OpenSSH. > > > > First, you'll need to convert your public key to SECSH format. > > "ssh-keygen -e -f public_key_file" is the tool for this job. > > > > Then, on the CSIF, create ".ssh2" in your $HOME, if it isn't already > > there. Put your SECSH-format public key into $HOME/.ssh2/some_filename > > and then put the line "key some_filename" into > > $HOME/.ssh2/authorization. > > > > That'll get you set up for public-key authenticated logins to the CSIF. > > Coming from the CSIF is largely the same process, but in reverse. _______________________________________________ vox-tech mailing list [EMAIL PROTECTED] http://lists.lugod.org/mailman/listinfo/vox-tech
