I decided to set up ssh-agent and ssh-askpass on my laptop to allow easier access to other systems on my LAN. First I created a public/private key pair:
bash-2.05b$ ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/richard/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/richard/.ssh/id_dsa.
Your public key has been saved in /home/richard/.ssh/id_dsa.pub.
The key fingerprint is:
OB:FU:SC:AT:ED:FO:RS:EC:UR:IT:YR:EA:SO:NS richard@orr.taosecurity.com
Next I added the contents of /home/richard/.ssh/id_dsa.pub to newly-created authorized_keys files in the ~/.ssh/ directory on every server to which I wished to connect.
To ease log-in, I changed my laptop's .xinitrc file to look like this:
ssh-add < /dev/null
exec fvwm-themes-start
I also ensured my .profile had these entries:
SSHAGENT=/usr/bin/ssh-agent
SSHAGENTARGS="-s"
if [ -z "$SSH_AUTH_SOCK" -a -x "$SSHAGENT" ]; then
eval `$SSHAGENT $SSHAGENTARGS`
trap "kill $SSH_AGENT_PID" 0
fi
Now when I execute 'startx', I see ssh-askpass prompt for the keyphrase I entered when generating the DSA key pair above. I can log in to all the servers who have my laptop's public key in their authorized_keys file without entering a password.
0 komentar:
Posting Komentar