can't figure out ssh, read lots of docs...
Nathan Kinkade
nkinkade at ub.edu.bz
Wed Jun 1 20:38:44 GMT 2005
On Wed, Jun 01, 2005 at 02:24:07PM -0500, Greg Barniskis wrote:
> Steven Friedrich wrote:
> >I'm trying to use scp and I get prompted for a password or passphrase for
> >each invocation.
> >
> >I figure I need to figure out how to get ssh to connect without prompting,
> >but I just can't get it. I've read all the man pages and my head is
> >swirling. I went to the OpenSSH web site and got no further. I've been
> >in the business for 28 years and can usually figure things out from man
> >pages, but ssh doesn't seem to be clear enough. I've been unemployed for
> >over a year and can't afford the OReilly book right now (which I'm
> >offering as my defense for asking here).
> >
>
<snip>
> (the sshd server). Since what you say you want is real transparency
> (no prompts), don't assign a passphrase when generating the keys.
<snkp>
>
> Greg Barniskis, Computer Systems Integrator
The poster is correct in that what you probably what to do is setup
public-key authentication using ssh, however, I would highly recommend
that you NOT use a blank passphrase for your private key. ssh-agent, a
utility that I think comes standard with the openssh package will store
your passphrase for a given login session and automatically supply it
for you so that you don't have to type the passphrase each time. Check
the manpage for ssh-agent(1). To make it even more convenient there is
nice little shell script program called keychain that will manage your
passphrases for all login sessions at once. With keychain you will only
have to supply your passphrase(s) once when you first login or boot your
system and that's it. I don't think leaving a private key around on
your system without a passphrase is a good idea, and especially if you
are using it to automatically authenticate to a remote machine.
Keychain is in the ports collection.
http://www.gentoo.org/proj/en/keychain/
Nathan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20050601/249cf6fe/attachment.bin
More information about the freebsd-questions
mailing list