SSH key generation and keychain
Dan Jenkins
dan at rastech.com
Fri Jun 4 16:24:00 EDT 2004
Cole Tuininga wrote:
> On Fri, 2004-06-04 at 15:55, Eric Pfeifer wrote:
>
> > I've established my keypair and copied the public key (id_rsa.pub)
> > to the .ssh home directory on the remote machine and merged it into
> > authorized_keys. I've ran ssh-agent and did an ssh-add. but I still
> > get prompted for my key passphrase. How can I set it up so I don't
> > get prompted?
>
>
> This could be cause by a couple of things that I can think of.
>
> 1) The file (on the remote site) should be called "authorized_keys".
>
I use authorized_keys2 I use dsa keys and SSH2. I believe this is the
default file for SSH2.
I set it up so long ago I don't remember why, but it works.
> 2) File permissions - some ssh implementations enforce that the file
> permission on the authorized_keys file must be 600.
Very important, and non-obvious. Though it ought to show up in
/var/log/messages or syslog
as an error if wrong.
> 3) Key length - openssh at least will require that the length of your
> key be at *least* 768 bits.
>
> 4) Make sure that your ssh daemon on the remote end is configured to
> be able to accept public keys.
in sshd_config:
PubkeyAuthentication yes (again, I use SSH2, YMMV)
--
Dan Jenkins (dan at rastech.com)
Rastech Inc., Bedford, NH, USA --- 1-603-624-7272
*** Technical Support for over a Quarter Century
More information about the gnhlug-discuss
mailing list