Karl Larsen wrote:
Stephen Mirowski wrote:
hicham wrote:
Hello
I'm having trouble to set a passwordless ssh connection between many
pcs ,
I've found lot on the web about exchanging public keys but i still
cannot make it password less
thanks
hicham
I believe if you enable:
#PermitEmptyPasswords no
and change to "yes" in /etc/ssh/sshd_config, then restart you sshd, it
should allow no passwords. Personally, I recommend against remote
access w/o passwords.
Stephen Mirowski
I echo the concern about empty passwords. Without the password any
hacker can ssh to any of your computers and get on. This is very bad!
Even a stupid Hacker could delete your entire directory. And a smart one
would delete your entire computer!
Karl
This is not what the OP is trying to do (or, at least, I hope not...).
Leave this alone, having passwordless accounts you can log into over
ssh is an awful idea as mentioned above:
#PermitEmptyPasswords no
Add this to prevent authentication against the user's password:
PasswordAuthentication no
Restart sshd
To ssh into a user account you now need a key pair:
eg. id_dsa (private) and id_dsa.pub (public).
The user needs to do "$ cat id_dsa.pub >> ~/.ssh/authorized_keys",
so the key is now recognised on logging in.
To ssh in you need to use the private key. Unless it's one of a
few default names or specified in ~/.ssh/config, you need to point
to it with ssh's -i flag.
If the key was generated password protected you'll be prompted for
the key's password (not the user password), if not (or you've
since removed the password with ssh-keygen) then you'll be logged
in straight away.
Files in ~/.ssh are picky about permissions, rule of thumb: anything
not ending in .pub should be set 600. .pub files can be 644, but
there's no real reason to do that.
--
imalone
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
