Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'iTerm - A Terminal app with tabbed windows' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
iTerm - A Terminal app with tabbed windows
Authored by: dlrodriguez on Apr 21, '03 02:20:04PM

I gave iTerm a try a while ago, but I couldn't figure out a way to
use ssh-keygen to automatically ssh into a remote host without
entering in a password (as I have successfully done with
Terminal and on other machines). Has anyone been able to do
this? If so, could you give me another hint?

---
David



[ Reply to This | # ]
How to do SSH without passwords
Authored by: jafager on Apr 21, '03 02:56:59PM

BE AWARE THAT GENERATING SSH KEYS WITHOUT A PASSPHRASE IS NOT THE MOST SECURE WAY TO OPERATE. I STRONGLY SUGGEST YOU CONSULT THE OPENSSH DOCUMENTATION FOR THE CORRECT WAY TO DO HANDS-FREE SSH AUTHENTICATION WITH SSH-AGENT!

You want to connect from machine "left" to machine "right".

Log into left:

mkdir ~/.ssh
cd ~/.ssh
ssh-keygen -b 1024 -t rsa1 -C "you@yourdomain.com" -N ""
ssh-keygen -b 1024 -t rsa -C "you@yourdomain.com" -N ""
ssh-keygen -b 1024 -t dsa -C "you@yourdomain.com" -N ""

This creates six files in your ~/.ssh directory:

identity
identity.pub
id_rsa
id_rsa.pub
id_dsa
id_dsa.pub

Log into right:

mkdir ~/.ssh
cd ~/.ssh

On right, create a file called "authorized_keys" (in the ~/.ssh directory). Paste the contents of the three .pub files created earlier into this file (you will have to work out for yourself the best way to do this).

Now test it out. On left:

ssh username@right

It should let you in without a password. If it does not, the first thing to check is your file permissions. The ~/.ssh directories on both sides should not be writable by anyone but the owner. The .pub files should be readable by everyone, but the other key files should only be readable by their owner. The permissions should be set correctly by ssh-keygen, but you never know. There are a lot of things that can go wrong here; troubleshooting is complicated and well beyond the scope of these instructions.

HTH,
jafager



[ Reply to This | # ]
How to do SSH without passwords
Authored by: dlrodriguez on Apr 21, '03 10:27:31PM

I have a response to this in a separate comment...sorry about
the confusion.

---
David



[ Reply to This | # ]
How to do SSH without passwords
Authored by: englabenny on Apr 22, '03 12:07:09PM
I can't get that to work between my machines... :(
They both use jaguar.5 or .4, and i've followed your instructions to the point, I used cat id_dsa.pub >> authorized_keys on all the keys, copied over with scp, to get the keys into the file..

[ Reply to This | # ]
How to do SSH without passwords
Authored by: englabenny on Apr 22, '03 12:13:55PM
Found out that the -C switch with argument maybe not was unimportant, I filled it in with my mail, :D. What do I enter? I have rendezvous names for both the computers, TiBook.local and Cube.local, and I have static intranet IPs, shall I use any of them?

A verbose log of ssh failing (asking for pass) (sorry for looong post)

[tibook:~/.ssh] ulrik% ssh -v cube.local
OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090609f
debug1: Reading configuration data /etc/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to cube.local [192.168.0.3] port 22.
debug1: Connection established.
debug1: identity file /Users/ulrik/.ssh/identity type 0
debug1: identity file /Users/ulrik/.ssh/id_rsa type 1
debug1: identity file /Users/ulrik/.ssh/id_dsa type 2
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.4p1
debug1: match: OpenSSH_3.4p1 pat OpenSSH*
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.4p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 138/256
debug1: bits set: 1626/3191
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'cube.local' is known and matches the RSA host key.
debug1: Found key in /Users/ulrik/.ssh/known_hosts:1
debug1: bits set: 1654/3191
debug1: ssh_rsa_verify: signature correct
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: next auth method to try is publickey
debug1: try pubkey: /Users/ulrik/.ssh/id_rsa
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: try pubkey: /Users/ulrik/.ssh/id_dsa
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: next auth method to try is keyboard-interactive
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: next auth method to try is password
ulrik@cube.local's password: 


[ Reply to This | # ]