On Wed, Feb 28, 2007 at 03:42:48PM +0100, Giacomo Montagner wrote: > > > Hi! > Usually I do not change anything in ssh configuration. All I do is this: > > On source machine: > > [EMAIL PROTECTED]:~$ ssh-keygen -t dsa > <use empty passphrase> > > [EMAIL PROTECTED]:~$ cat ~/.ssh/id_dsa.pub > > On destination machine: > [EMAIL PROTECTED]:~$ vi ~/.ssh/authorized_keys > <paste the content of [EMAIL PROTECTED]'s id_dsa.pub and save the file> > > Now you should be able to do: > [EMAIL PROTECTED]:~$ ssh [EMAIL PROTECTED] > > without needing to type any password. > > Hope this helps. > Ahh. That's what I was afraid of. Having ssh keys without a passphrase is convenient, but very insecure. You are better off without the keys. For the longest time I did not understand that, then some kind soul on this list pointed to ssh-agent and keychain. Very minor inconvenience (enter the passphrase once when you login), and *much* more secure.
Regards, -Roberto -- Roberto C. Sanchez http://people.connexer.com/~roberto http://www.connexer.com
signature.asc
Description: Digital signature
