SSH autologin
in [Mac Systems]
|
From: Bob Harris on 15 Jan 2010 21:47 In article <howard-550C84.11284915012010(a)host81-136-209-74.in-addr.btopenworl d.com>, Howard S Shubs <howard(a)shubs.net> wrote: > I've got this working from a G5 running 10.5.8 to a MacBook Pro running > 10.6.2, but not the reverse. When I try to go from the MBP to the G5, > it always prompts for password. Any idea what I should be looking for? > I tried everything I can think of. assuming you have placed the MBP's .ssh/rsa_id.pub key in the G5 user's .ssh/authorized_keys file, then you should check to make sure all the key ssh files have the correct permissions. "man ssh" will list the required permissions for several files, and if they have too permissive permissions, then ssh will assume they could be compromised and thus require your password. For example, if your home directory allows group or world write access, ssh assumes someone could rename your .ssh directory, and substitute their own. Like I said there are several files ssh considers critical and lists the permissions it requires in "man ssh". You can also use: ssh -v -v -v username(a)G5.address to see what reason ssh uses when asking for a password. If you compare the MBP to G5 ssh -v -v -v output against the G5 to MBP ssh -v -v -v output, it should become obvious where the password prompting connection takes a "Left Turn". Bob Harris
From: johnny bobby bee on 16 Jan 2010 00:34 Jolly Roger took to the world wide interwebs to proclaim: > In Mac OS X there is typically no reason to enable or use the root > account - much less allow others to log in as root from over the > network. In fact, doing so presents some serious security risks. Right. Did you even read my post? If you don't enable or use root, then you /can't/ log in as root over the network. Therefore, changing sshd_config to 'PermitRootLogin no' is /not/ necessary. You dig now?
From: Jolly Roger on 16 Jan 2010 12:14 In article <hirj5q$j7a$1(a)news.eternal-september.org>, johnny bobby bee <stepore-no_spam_eh(a)gmail.com> wrote: > Jolly Roger took to the world wide interwebs to proclaim: > > In Mac OS X there is typically no reason to enable or use the root > > account - much less allow others to log in as root from over the > > network. In fact, doing so presents some serious security risks. > > Right. > > Did you even read my post? Of course I read it. You wrote: > >> As long as you don't enable or use root, that one should be fine. The meaning of "that one should be fine" was ambiguous, and I mistook your intention. I took it to mean "it should be okay to make that change as you suggest" as in: > >> As long as you don't enable or use root, [it should be okay to > >> make that change as you suggest, because otherwise it would > >> prevent you from logging into SSH as root]. Ya dig? ; ) > If you don't enable or use root, then you > /can't/ log in as root over the network. Therefore, changing sshd_config > to 'PermitRootLogin no' is /not/ necessary. > > You dig now? Yep - thanks for explaining. -- Send responses to the relevant news group rather than email to me. E-mail sent to this address may be devoured by my very hungry SPAM filter. Due to Google's refusal to prevent spammers from posting messages through their servers, I often ignore posts from Google Groups. Use a real news client if you want me to see your posts. JR
From: VAXman- on 22 Jan 2010 07:48 In article <howard-54348A.00244722012010(a)74.sub-97-136-209.myvzw.com>, Howard S Shubs <howard(a)shubs.net> writes: >In article <00A9796A.C419C284(a)SendSpamHere.ORG>, > VAXman- @SendSpamHere.ORG wrote: > >> Also, the format I was describing was for the known_hosts. If in >> doubt, delete the .ssh/authorized_keys and create anew. > >I was, just in case, so I did. Are you still having issues? I've used the methods I posted in one of the posts in this thread (I think I said hostkey but meant public key) to setup public key authentication between OSX <-> OSX , OSX <-> Linux , OSX <-> VMS and Linux <-> VMS ; albeit, there are differences with the VMS interface as VMS the uses RFC4716: SSH Public Key File Format, and OSX a Linux use Open- SSH's implementation. I've even setup public key with WEENDOZE boxes after installing CygWin. -- VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)ORG http://www.quirkfactory.com/popart/asskey/eqn2.png Yeah. You know, it occurs to me that the best way you hurt rich people is by turning them into poor people. -- Billy Ray Valentine
From: Steven Fisher on 22 Jan 2010 12:12 In article <howard-31BD70.09590422012010(a)74.sub-97-136-209.myvzw.com>, Howard S Shubs <howard(a)shubs.net> wrote: > The reason I came in here was to find out if (1) I was forgetting > something, and (2) if there was a specific problem between 10.5 and 10.6 > that I needed to take into account. Forgive me if this has been asked before, but I've found SSH login failing is permissions related almost every time. Have you checked permissions on .ssh on both computers, authorized_keys on the one you can't log in to, and id_* on the computer you're trying to log in to? Steve
First
|
Prev
|
Next
|
Last
Pages: 1 2 3 Prev: file: suggest_window.html (?) Next: Server listed in pane |