passwordless ssh logins with shared _HOST_ keys - not working.

Joe Schmoe non_secure at yahoo.com
Sun Oct 17 16:48:04 PDT 2004


(I have asked this several times on -questions and
gotten nothing ...)

I am trying to allow _all users_ on CLIENT to login to
SERVER without a password.

IMPORTANT:  I am not interested in user keys _at all_
- at no point in this process should I ever be dealing
with any keys in /home/user/.ssh - I am only
interested in doing this with HOST keys - where I copy
one key between SERVER and CLIENT, and _all_ users on
CLIENT can login to SERVER without a password.  Don't
even mention user keys.

My /etc/sshd/sshd_config is exactly the same on both
SERVER and CLIENT:

#VersionAddendum FreeBSD-20020629

#Port 22
#Protocol 2,1
#ListenAddress 0.0.0.0
#ListenAddress ::

# Authentication:

IgnoreRhosts yes
#RhostsRSAAuthentication no
HostbasedAuthentication yes
IgnoreUserKnownHosts yes

ChallengeResponseAuthentication no


Further, SERVER has CLIENT in its /etc/hosts.equiv,
and CLIENT has SERVER in its /etc/hosts.equiv

Finally, I have run:

ssh-keyscan SERVER >> /etc/ssh/ssh_known_hosts

on the CLIENT, and run:

ssh-keyscan CLIENT >> /etc/ssh/ssh_known_hosts

on the SERVER.  So the keys are properly shared.

The permissions on /etc/ssh/known_hosts on each system
are:

2 -rw-r--r--  1 root  wheel

So that's it.  The options are set in sshd_config, the
keys have been exchanged, hosts.equiv are populated
and permissions are correct.

So now I go to CLIENT and run:

ssh user@SERVER

and I get a password prompt!!!

So what am I doing wrong ?  Again - NO user keys are
used and I am not interested in user keys _AT ALL_.
Don't even mention the /home/user/.ssh directory.  The
goal here is to share one public key between SERVER
and CLIENT and allow _all_ users on CLIENT to log into
SERVER without a password.

So what am I doing wrong ?

thanks.
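
Added example, not part of the original post: a shell check of the settings OpenSSH host-based authentication depends on at both ends, including the client's ssh_config, which the post does not show. All paths are arguments, and the sample files and the name client.example.org are constructed.

```shell
#!/bin/sh
# Added example: audit the files host-based SSH authentication depends on.
# Paths are arguments; Host/Match blocks and "Keyword=value" syntax are ignored.

# First uncommented value of KEYWORD in FILE (OpenSSH uses the first value seen).
cfg_value() {
    awk -v k="$2" 'tolower($1) == tolower(k) { print tolower($2); exit }' "$1"
}

fail() { echo "FAIL: $1"; problems=$((problems + 1)); }

# hostbased_audit SSHD_CONFIG SSH_CONFIG KNOWN_HOSTS EQUIV CLIENT_NAME
# Prints one line per problem; the exit status is the number of problems.
hostbased_audit() {
    problems=0
    # Server: sshd must accept the method.
    [ "$(cfg_value "$1" HostbasedAuthentication)" = yes ] ||
        fail "server sshd_config: HostbasedAuthentication is not yes"
    # Client: ssh must attempt the method (its default is no).
    [ "$(cfg_value "$2" HostbasedAuthentication)" = yes ] ||
        fail "client ssh_config: HostbasedAuthentication is not yes"
    # Client: ssh-keysign must be enabled to sign with the host private key
    # (OpenSSH releases that have the EnableSSHKeysign option).
    [ "$(cfg_value "$2" EnableSSHKeysign)" = yes ] ||
        fail "client ssh_config: EnableSSHKeysign is not yes"
    # Server: the client's name must be listed as trusted ...
    grep -qxF "$5" "$4" || fail "server equiv file: no line for $5"
    # ... and its host key must be in the system-wide known hosts file.
    awk -v h="$5" '$1 !~ /^#/ { n = split($1, a, ",")
        for (i = 1; i <= n; i++) if (a[i] == h) found = 1 }
        END { exit !found }' "$3" || fail "server known_hosts: no key for $5"
    return "$problems"
}

# Constructed sample files: a server with the sshd_config options from the
# post, and a client whose ssh_config was left at its defaults.
d=$(mktemp -d)
printf 'IgnoreRhosts yes\nHostbasedAuthentication yes\nIgnoreUserKnownHosts yes\n' > "$d/sshd_config"
printf '# HostbasedAuthentication no\n' > "$d/ssh_config.default"
printf 'HostbasedAuthentication yes\nEnableSSHKeysign yes\n' > "$d/ssh_config.fixed"
printf 'client.example.org,192.0.2.10 ssh-rsa AAAA...constructed\n' > "$d/known_hosts"
printf 'client.example.org\n' > "$d/equiv"

hostbased_audit "$d/sshd_config" "$d/ssh_config.default" "$d/known_hosts" "$d/equiv" \
    client.example.org || echo "$? problem(s) found"
```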



