Experiences with 7.0-CURRENT and vmware.
Peter Jeremy
peterjeremy at optushome.com.au
Fri May 11 07:45:26 UTC 2007
On 2007-May-10 11:13:26 +0000, Darren Reed <darrenr at hub.freebsd.org> wrote:
>Oh, and how do I fix ssh/rsh to do passwordless sessions?
Assuming you are using OpenSSH on both ends, use HostBasedAuthentication:
Client side:
- make /usr/libexec/ssh-keysign setuid root
- add the server's host key to known_hosts
- Set "HostbasedAuthentication yes" and "EnableSSHKeysign yes" in config
Server side:
- add the client's host key to /etc/ssh/ssh_known_hosts
- Set "HostbasedAuthentication yes" and "IgnoreRhosts no" in
/etc/ssh/sshd_config.
You may also need "PermitRootLogin without-password"
- Add the relevant entry to ~/.shosts
- Make sure ~/ and ~/.shosts are only writable by the owner
I think that's all but I'm working from memory so I may have missed
an option somewhere. ssh debugging options are very useful for
working out why it isn't working.
--
Peter Jeremy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-current/attachments/20070511/cfbbc67d/attachment.pgp
More information about the freebsd-current
mailing list