On Fri, Jan 31, 2003 at 05:39:22PM -0800, nate wrote: > SSH v2 is not *too* much different. though it's been a while > since I tried it with DSA authentication, last time I tried it, > it was a real bitch to get working(this was about a year ago)
erm, iirc it's the same thing, only if you're using an older
version of sshd you need to put the public key in ~/.ssh/authorized_keys2
instead. here's a really simple example:
oil[~]20:58:57$ ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/finney/.ssh/id_dsa):
Created directory '/home/finney/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/finney/.ssh/id_dsa.
Your public key has been saved in /home/finney/.ssh/id_dsa.pub.
The key fingerprint is:
e1:a2:6a:bc:e3:c9:b8:19:57:bc:a7:6c:b6:82:87:ac [EMAIL PROTECTED]
oil[~]20:59:34$ cat .ssh/id_dsa.pub >> .ssh/authorized_keys2
oil[~]21:00:18$ ssh oil # <== look ma, no passwd!
Kickstart-installed Red Hat Linux Thu Jan 16 10:36:39 EST 2003
# ^===(disclaimer: not my machine) :)
oil[~]21:00:26$ logout
Connection to oil closed.
oil[~]21:00:27$
however, the above example uses a passphraseless key, which isn't the
best wrt security (same goes if you're using sshv1 rsa keys too). what's
better is to use ssh-agent and a passphrase on your key.
sean
msg27777/pgp00000.pgp
Description: PGP signature
