10-13-2006
see ssh(1), section 'Server authentication', ssh-keygen(1)
10 More Discussions You Might Find Interesting
1. Solaris
Hi, I want to ssh the linux server without inputting the password, how can I config this server?
Thanks in advance! (1 Reply)
Discussion started by: GCTEII
1 Replies
2. Solaris
Hello
I want to set the password for user never expire through the command line. For your information the box is running under Solaris 8 platform. (2 Replies)
Discussion started by: shamsul
2 Replies
3. Solaris
I have installed Solaris 10 x86 in VMware 5.5.I logged in as root user and trying to create new user and also reset the password for existing user, i am getting "Permission Denied Error". I checked the /etc/shadow file, looks fine permission is 400. Earlier i was able to do it but suddenly it... (2 Replies)
Discussion started by: khagendra
2 Replies
4. Solaris
Hi Gurus
I have a few Sol 5.9 servers and i have enabled password less authentication between them for my user ID. Often i have found that when my password has expired,the login fails.
Resetting my password reenables the keys.
Do i need to do something to avoid this scenario or is this... (2 Replies)
Discussion started by: Renjesh
2 Replies
5. Shell Programming and Scripting
SSHing into a machine can take a few seconds, but after I'm in, the commands return quickly. I was wondering if the timeout setting can be changed once I'm logged into the machine. Does anyone know if this can be set on the fly? The problem here is, if I have to set timeout = 10, it'll take 10... (1 Reply)
Discussion started by: mrwatkin
1 Replies
6. Shell Programming and Scripting
Hi,
Whenever I open my unix box,after providing username and password I get the following message.
Are you authorised to use this computer as detailed above? (Y)es/(N)o : y
Export: Release 10.2.0.2.0 - Production on Mon May 16 16:00:15 2011
Copyright (c) 1982, 2005, Oracle. All rights... (5 Replies)
Discussion started by: emilybose
5 Replies
7. Shell Programming and Scripting
okay here I go again...
I have created a script which adds new user to /etc/password and which inturn creating a locked password in /etc/shadow but I am expecting to have *NP* for that particular user.Can someone help me with a script which can set the password for a particular user to NP in... (1 Reply)
Discussion started by: sintilash
1 Replies
8. Solaris
I have a Solaris-10 non global zone, on which I am not able to reset password, while counts are matching in /etc/passwd and /etc/shadow. I tried searching its solution in various forums, but nothing is working
# id -a oemagent
uid=56605(oemagent) gid=56595(tess) groups=56595(tess)
# passwd -s... (2 Replies)
Discussion started by: solaris_1977
2 Replies
9. UNIX for Beginners Questions & Answers
i have tried to use a sudo command from a user level . but instead of asking for user password it asked for root password . how should i go about it .
james@opensuse:/etc> sudo ifconfig
root's password:
And i wish to ask how should i allow a list of command to be allowed to used for a... (4 Replies)
Discussion started by: lobsang
4 Replies
10. Red Hat
Hello Experts,
when I am trying to connect my target server through sftp after creating ssh password less setup, it is asking for passowrd to connect.
to setup this I followed below process:
-->generated keys by executing the command "ssh-keygen -t rsa"
-->this created my .ssh directory... (9 Replies)
Discussion started by: Devipriya Ch
9 Replies
LEARN ABOUT PLAN9
ssh-keysign
ssh-keysign(1M) ssh-keysign(1M)
NAME
ssh-keysign - ssh helper program for host-based authentication
SYNOPSIS
ssh-keysign
ssh-keysign is used by ssh(1) to access the local host keys and generate the digital signature required during host-based authentication
with SSH protocol version 2. This signature is of data that includes, among other items, the name of the client host and the name of the
client user.
ssh-keysign is disabled by default and can be enabled only in the global client configuration file /etc/ssh/ssh_config by setting Host-
basedAuthentication to yes.
ssh-keysign is not intended to be invoked by the user, but from ssh. See ssh(1) and sshd(1M) for more information about host-based authen-
tication.
/etc/ssh/ssh_config
Controls whether ssh-keysign is enabled.
/etc/ssh/ssh_host_dsa_key
/etc/ssh/ssh_host_rsa_key
These files contain the private parts of the host keys used to generate the digital signature. They should be owned by root, readable
only by root, and not accessible to others. Because they are readable only by root, ssh-keysign must be set-uid root if host-based
authentication is used.
ssh-keysign will not sign host-based authentication data under the following conditions:
o If the HostbasedAuthentication client configuration parameter is not set to yes in /etc/ssh/ssh_config. This setting cannot be overri-
den in users' ~/.ssh/ssh_config files.
o If the client hostname and username in /etc/ssh/ssh_config do not match the canonical hostname of the client where ssh-keysign is
invoked and the name of the user invoking ssh-keysign.
In spite of ssh-keysign's restrictions on the contents of the host-based authentication data, there remains the ability of users to use it
as an avenue for obtaining the client's private host keys. For this reason host-based authentication is turned off by default.
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWsshu |
+-----------------------------+-----------------------------+
|Interface Stability |Evolving |
+-----------------------------+-----------------------------+
ssh(1), sshd(1M), ssh_config(4), attributes(5)
AUTHORS
Markus Friedl, markus@openbsd.org
HISTORY
ssh-keysign first appeared in Ox 3.2.
9 Jun 2004 ssh-keysign(1M)