SSH key generation and keychain

William Stearns wstearns at pobox.com
Fri Jun 4 17:00:01 EDT 2004 

Good afternoon, Eric,

On Fri, 4 Jun 2004, Eric Pfeifer wrote:

> A long time lurker first time poster...

	Welcome!

> I am in the process of trying to automate some of my accounts using ssh and rsa
> keys. I pulled down keychain and have been reading some net references on how
> to configure ssh to allow a passwordless login.
> 
> I've established my keypair and copied the public key (id_rsa.pub) to the .ssh
> home directory on the remote machine and merged it into authorized_keys. I've
> ran ssh-agent and did an ssh-add. but I still get prompted for my key
> passphrase. How can I set it up so I don't get prompted?

	The process is annoying and non-standard enough that I wrote a 
script to automate the process.  Please grab ssh-keyinstall from 
http://www.stearns.org/ssh-keyinstall/ and run it as:

ssh-keyinstall -s the_server_to_which_you_want_to_connect

	If your user acount is different from the one on the local 
machine, run it as:

ssh-keyinstall -s the_server_to_which_you_want_to_connect -u username_on_remote_machine

	It'll handle the entire process: key generation, copying the 
public key over, putting it in the right file, converting the format if 
needed, and setting permissions on your home and .ssh directories.
	It'll ask you to type in your remote password between 3 and 5
times to make the needed connections to the remote system, each time
showing you exactly what command is about to be run for the paranoid like
myself.  Once it's done, you should be able to make remote connections
using just your key (and the passphrase if you're not using ssh-agent).
	I have some more articles on using ssh at 
http://www.stearns.org/doc/ .  Please let us know if you run into 
problems.
	Cheers,
	- Bill

---------------------------------------------------------------------------
        "There is no beautifier of complexion or form of behavior like
the wish to scatter joy, and not pain, around us."
        -- Raph Waldo Emerson
--------------------------------------------------------------------------
William Stearns (wstearns at pobox.com).  Mason, Buildkernel, freedups, p0f,
rsync-backup, ssh-keyinstall, dns-check, more at:   http://www.stearns.org
--------------------------------------------------------------------------

More information about the gnhlug-discuss mailing list