04-06-2015
In your setup, BB is the active part, the client, and AA is sort of server. If you want the roles reversed, you'll need to generate a key pair for AA on AA and store the public key on BB. There's no way around this.
You may want to consider "centralized" authentication like e.g. kerberos, but you'd need to implement it on every single server that you want to access.
This User Gave Thanks to RudiC For This Post:
7 More Discussions You Might Find Interesting
1. HP-UX
Hello,
I'm new to HP-UX. I have a system running B.11.23 on ia64. The system gets its user passwords via active directory. Everytime a new account is added to AD a script pushes out the account info to all the systems and this system is updated too. However, on this machine, users are unable to... (2 Replies)
Discussion started by: BFLO
2 Replies
2. Shell Programming and Scripting
Hi All,
Here i am having a problem in my script....:)
i have one script which will connect from my linux box to antoher linux box..
let say...currently i am in 55.23.621.123
and i want to connect to another box which is 55.23.621.118
as we know we can connect using ssh... (2 Replies)
Discussion started by: Shahul
2 Replies
3. Shell Programming and Scripting
Hi Friends,
We need to create a script which will invoke a command with diffrent parameters.
The command invoked needs the password. So how automatically we can enter password in the script to the command?
example.:
#!/bin/ksh
for par in `cat parfile` do
# Here is the main command... (1 Reply)
Discussion started by: sourabhsharma
1 Replies
4. Linux
Well im on Fedora, and theres no sub section for Fedora so yea
Well how do you connect to an SSH, while on a windows terminal?
And also to transfer a file from my desktop to a server?
how is this done
scp command is not working for me (3 Replies)
Discussion started by: gangsta
3 Replies
5. IP Networking
My VPN setup requires me to allow users via IP in the firewall, before they can access the VPN via SSH.
The problem is that my home IP is dynamic, and I have to re-add it every time I reconnect.
Any ideas? (2 Replies)
Discussion started by: rlopes
2 Replies
6. Red Hat
Basically I only want particular users to know the root password, but I also want power users to be able to run certain commands with root privileges. All admins for this box will be authenticating initially through winbind (I do have a backdoor account in case winbind goes wonky)
I want... (0 Replies)
Discussion started by: thmnetwork
0 Replies
7. UNIX for Advanced & Expert Users
We have 2 different servers say A and B and I want to check the log file of 2 servers simultaneously.
If I am logged into server A how can I connect to server B.
I have used ssh username@B.But it is asking password. How can I give the password on ssh.
Or is there any other utility for... (2 Replies)
Discussion started by: jim john
2 Replies
LEARN ABOUT SUSE
ssh-keysign
SSH-KEYSIGN(8) BSD System Manager's Manual SSH-KEYSIGN(8)
NAME
ssh-keysign -- ssh helper program for host-based authentication
SYNOPSIS
ssh-keysign
DESCRIPTION
ssh-keysign is used by ssh(1) to access the local host keys and generate the digital signature required during host-based authentication with
SSH protocol version 2.
ssh-keysign is disabled by default and can only be enabled in the global client configuration file /etc/ssh/ssh_config by setting
EnableSSHKeysign to ``yes''.
ssh-keysign is not intended to be invoked by the user, but from ssh(1). See ssh(1) and sshd(8) for more information about host-based authen-
tication.
FILES
/etc/ssh/ssh_config
Controls whether ssh-keysign is enabled.
/etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_rsa_key
These files contain the private parts of the host keys used to generate the digital signature. They should be owned by root, read-
able only by root, and not accessible to others. Since they are readable only by root, ssh-keysign must be set-uid root if host-
based authentication is used.
SEE ALSO
ssh(1), ssh-keygen(1), ssh_config(5), sshd(8)
HISTORY
ssh-keysign first appeared in OpenBSD 3.2.
AUTHORS
Markus Friedl <markus@openbsd.org>
BSD
May 31, 2007 BSD