This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

crib sheet: ssh single-login/no password ( was Re: ssh-keygen )


At 08:23 PM 3/4/2003 -0600, Joshua S. Abbott wrote:
>hello i have cygwin and need to create and install ssh keys....I am in
>/home/AndrewWallace and .ssh is under that I use:  ssh-keygen -t rsa -f
>mysshkey  then ssh-keygen -t rsa -f .ssh/id_rsa/ -N ""  .... the I try to
>connect to the server and it give "Permission Denied (Public Key)" :'(

Since I have seen this type of question more than a few times, here's my
crib sheet.  Feel free to modify.

Regards,
- Robert

-----
(c) 2003 - Robert Citek

For OpenSSH 2.5.2 or greater under Cygwin: access without using a password
or with single-login.  Assuming you want to connect from machine A to
machine B using ssh.

== blank passphrase

1) generate private/public keys on A
   $ ssh-keygen -t dsa
   press enter when it asks for the filename
   press enter when it asks for the passphrase (yes, a blank passphrase)
   this will generate two files: ~/.ssh/id_dsa and ~/.ssh/id_dsa.pub

2) put ~/.ssh/id_dsa.pub from A into ~/.ssh/authorized_keys2 on B
   $ cat ~/.ssh/id_dsa.pub | ssh B 'cat >> ~/.ssh/authorized_keys2'

3) make sure all files are not writable or readable except by owner
   do this on A and B
   $ chmod a-x,go-w,o-r ~/.ssh/*

4) verify it works
   $ ssh B ls -la

== single-logon

1) generate private/public keys on A
   $ ssh-keygen -t dsa
   press enter when it asks for the filename
   enter a passphrase
   this will generate two files: ~/.ssh/id_dsa and ~/.ssh/id_dsa.pub

2) put ~/.ssh/id_dsa.pub from A in ~/.ssh/authorized_keys2 on B
   $ cat ~/.ssh/id_dsa.pub | ssh B 'cat >> ~/.ssh/authorized_keys2'

3) make sure all files are not writable or readable except by owner
   do this on A and B
   $ chmod a-x,go-w,o-r ~/.ssh/*

4) use ssh-agent to manage passphrases
   $ eval $(ssh-agent)

5) make agent aware of passphrases
   $ ssh-add   # enter the appropriate passphrase for each remote host

6) verify everything works
   $ ssh B ls -la


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]