On 01/27/2011 09:00 AM, Always Learning wrote:
> On Thu, 2011-01-27 at 06:57 -0600, David Christensen wrote:
>
>> If pw less access is something you prefer use a kerberos based service like FreeIPA/RedhatIPA. No need for ssh keys, and pw aren't stored locally. You can log in as a regular user and sudo su - to root, which can be done during ssh login: ssh -t user@host sudo su -
> Thanks David. My problem happened because I wrong prefixed the server's
> key with id_rsa. Have since changed to DSA keys and everything works
> well.
>
Ya sorry I was jumping on the band wagon about not using ssh-keys with
the root login or allowing root login at all. Its usually a dir/file
permissions thing when it comes to using keys.
You should look into getting away from using ssh-keys unless absolutely
necessary and look at centralized authentication/authorization; of
course if your env is large enough to warrant it. Kerberos can provide
the same sort of password less access as ssh-keys.
Anyway good luck.
David
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
