Hi Conor, I shall try this and let you know of the results! Thanks! Pete At 08:57 PM 22/05/2001 +0100, you wrote: >On Tue, May 22, 2001 at 01:13:10PM +1200 or so it is rumoured hereabouts, >Mark Foster thought: > > As far as im aware, OpenSSH2 uses /etc/hosts.allow ? > > > > [blakjak@phoenix blakjak]$ telnet localhost 22 > > Trying 127.0.0.1... > > Connected to phoenix. > > Escape character is '^]'. > > SSH-1.99-OpenSSH_2.3.0p1 > > > > Other than that, chec out the config files in /etc/ssh ? > >Or you could look at using /etc/ssh_known_hosts and >$HOME/.ssh/authorized_keys These files contain the public keys for the >hosts and users who are allowed connect without passwords. > >for example... > >host foo users tim, john >host bar users tim, john > >in foo:/etc/ssh_known_hosts you have the public host key for bar >in foo:/home/tim/.ssh/authorized_keys you have the public key for tim@bar > >in bar:/etc/ssh_known_hosts you have the public host key for foo >in bar:/home/tim/.ssh/authorized_keys you have the public key for tim@foo > >for each host on your network, /etc/ssh_known_hosts contains the public >host keys for all the other hosts. > >For each user on your network, $HOME/.ssh/authorized_keys contains the >user's public key which can be the same on all machines on your network or >can be different. > >The easiest way to get this going is to use ssh-keygen on each host to >generate the host key. When you have all host keys generated, copy *all* >of the .pub keys to a /etc/ssh_known_hosts file on one host. Then copy >this file to all machines in your network. > >For each user, use ssh-keygen to create *one* key pair. Copy the .pub >key to $HOME/.ssh/authorized_keys Now copy the .ssh *directory* including >the authorized_keys file to the user's home directory on *all* hosts. > >If you wish to use DSA keys rather than RSA, use ssh-keygen -d to create >the keys and use the filenames ssh_known_hosts2 and authorized_keys2 > >I *think* that'll do it... > >Conor >-- >Conor Daly <[EMAIL PROTECTED]> > >Domestic Sysadmin :-) >--------------------- >Faenor.cod.ie > 8:35pm up 3 days, 8:43, 0 users, load average: 0.08, 0.02, 0.01 >Hobbiton.cod.ie > 8:36pm up 2 days, 9:37, 2 users, load average: 0.00, 0.00, 0.00 > >_______________________________________________ >techtalk mailing list >[EMAIL PROTECTED] >http://www.linux.org.uk/mailman/listinfo/techtalk ============================================== Pete Durst Sun Certified System Administrator Sun Certified Network Administrator Sun Certified Instructor Advanced UNIX Instructor [EMAIL PROTECTED] Learnix, a division of TMI 2650 Queensview Drive Suite 160, Ottawa, Ontario K2B 8H6 Tel: (613)828-5007 ext. 4313 Fax: (613)721-0599 http://www.learnix.com ============================================== _______________________________________________ techtalk mailing list [EMAIL PROTECTED] http://www.linux.org.uk/mailman/listinfo/techtalk
