Experiences with 7.0-CURRENT and vmware.

Peter Jeremy peterjeremy at optushome.com.au
Fri May 11 07:45:26 UTC 2007

On 2007-May-10 11:13:26 +0000, Darren Reed <darrenr at hub.freebsd.org> wrote:
>Oh, and how do I fix ssh/rsh to do passwordless sessions?

Assuming you are using OpenSSH on both ends, use HostBasedAuthentication:
Client side:
- make /usr/libexec/ssh-keysign setuid root
- add the server's host key to known_hosts
- Set "HostbasedAuthentication yes" and "EnableSSHKeysign yes" in config

Server side:
- add the client's host key to /etc/ssh/ssh_known_hosts
- Set "HostbasedAuthentication yes" and "IgnoreRhosts no" in
  You may also need "PermitRootLogin without-password"
- Add the relevant entry to ~/.shosts
- Make sure ~/ and ~/.shosts are only writable by the owner

I think that's all but I'm working from memory so I may have missed
an option somewhere.  ssh debugging options are very useful for
working out why it isn't working.

Peter Jeremy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-current/attachments/20070511/cfbbc67d/attachment.pgp

More information about the freebsd-current mailing list