ssh from "local" to "remote" without using a password at all, do the following, where $local is a command-prompt on the local machine and $remote is a prompt on the remote machine. Replace the words REMOTE and LOCAL with the actual network names of the machines:$local ssh-keygen -t dsaAt this point you should be able to:
$local scp ~/.ssh/id_dsa.pub REMOTE:.
$remote cat ~/id_dsa.pub >>~/.ssh/authorized_keys
$remote ssh-keygen -t dsa
$local scp REMOTE:.ssh/id_dsa.pub .
$local cat ~/id_dsa.pub >>~/.ssh/authorized_keys
$local ssh REMOTEwithout a password, you may be prompted to accept the fingerprint of the other machine. Do so. Then in the remote shell:
$remote ssh LOCALThis may also generate a fingerprint-acceptance message. Just accept it.
You can also delete the id_dsa.pub files in the login directory of each machine. Do not copy the
id_dsa (without the .pub extension) this is your private key and the connection is only as secure as that file. If someone has the file, they can impersonate you. This is also why some people recommend supplying a passphrase when running ssh-keygen and then using ssh-agent provide similar behavior, but with the need to enter your passphrase once per session.
No comments:
Post a Comment