"Mikkel L. Ellertson" wrote:
> On Thu, 8 Mar 2001 [EMAIL PROTECTED] wrote:
>
> >
> >
> > Is there a way to establish an ssh2 session without being prompted
> > for a password? I'm trying to set up a cron job that will perform
> > remote backups and I don't want to set up an FTP server for this.
> > I've read through the instructions, and haven't found anything
> > (anything obvious to me, anyway). I've set up public key
> > authentication, and can log in provided that I give the proper
> > password. I'd like to set this thing up to run without any user
> > intervention if possible.
> >
> > Thanks!
> > --
> > Steve
> >
> >
> You have to use ssh-keygen, and generate key pairs. If you do not
> assign a password to the key, you can then copy the public key to the
> machine you want to connect to, and put it in the user's .ssh directory
> in the authorized_keys file.
>
> If it wasn't a cron job, you could have a password on the key, and use
> ssh-agent and ssh-add to set the password, but I do not know how to set
> them up for a cron job...
>
> If you set up a private key without a password, make sure you keep it in
> a secure directory, because it can be used to log into the remote
> machine by anyone that has it.
In openssh I think you will hat to generate the dsa key and place the
public key in the file authorized_keys2 file
>From the ssh-keygen man page:
DESCRIPTION
ssh-keygen generates and manages authentication keys for ssh(1). ssh-
keygen defaults to generating an RSA key for use by protocols 1.3 and
1.5; specifying the -d flag will create a DSA key instead for use by
pro-
tocol 2.0.
As Mikkel said when prompted for the passphrase just hit the enter key each
time prompted and you will have a key with no passphrase that can be used
for all sorts of stuff.
If the user will only be used to run specific commands you can add the
command to the key entry in the authorized_keys2 file so that it is run
when the connection is made using that key. Or does it jsut limit the
commands to be run? I forget. I believe the former.
HTH
Bret
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
