07-25-2015
While 700 permission on ~/.ssh/ and 600 on ~/.ssh/authorized_keys, both on the remote node, are recommended but not mandatory, the local ~/.ssh/id_rsa NEEDS 600 permission, or ssh will simply ignore a private key file if it is accessible by others. (man ssh).
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
Vesion 3.8.1 of OpenSSH has been compiled on a Solaris 8 host. I am having difficulties in enabling password aging to work from reading /etc/default/passwd and /etc/shadow.
# passwd -f < user-id > works satisfactorily however once a password ages through due course from the settings in... (1 Reply)
Discussion started by: raylen
1 Replies
2. Solaris
Hi,
I would like to login from a Sun server running ssh:
Sun_SSH_1.1, SSH protocols 1.5/2.0, OpenSSL 0x0090704f
to
ssh: SSH Secure Shell 3.0.1 on sparc-sun-solaris2.6
How can I achieve this?
Thanks a million in advance (1 Reply)
Discussion started by: newbewie
1 Replies
3. Windows & DOS: Issues & Discussions
Hi all, I am just enjoying my first experience with UNIX type stuff but I am completely stumped with syntax etc. I have installed OpenSSH on my windows machine which is a working nicley and I can gain access using putty. I am however trying to set up public key authentication and turn off passwords... (2 Replies)
Discussion started by: bilbonvidia
2 Replies
4. Windows & DOS: Issues & Discussions
Hi Gurus
I have installed OpenSSH server in one of my Windows 2003 boxes.
I have installed the setup and added the users as told in the link.
But i am getting an "Access denied" whenever i try to log in through ssh or sftp. But when i try to log in through my loopback IP (127.0.0.1),i am... (1 Reply)
Discussion started by: Renjesh
1 Replies
5. Windows & DOS: Issues & Discussions
Hi people,
I'm trying to configure the OpenSSH in my win server 2003 to accept connection with public/private keys, without password.
I research all over internet sites about, almost all them, have the same instructions that doesn't work.
I can just get a sFTP connection with password without... (0 Replies)
Discussion started by: laurentiis
0 Replies
6. AIX
Hello together,
I have a Problem with openssh on AIX 5.3.
We have a big amount of AIX-hosts that run with openssh but one donīt!
Every time we try to connect via ssh to the host, we get a password prompt.
The myth ist, that there is no Error or somthing else.
Here the output of ssh -vvvv to... (14 Replies)
Discussion started by: heifei
14 Replies
7. UNIX for Dummies Questions & Answers
Hello,
I am very unfamiliar with linux/unix (don't even know the difference), but am trying to get some linux software to run on my Windows machine for my research. I have the makefiles for the software, and it is designed to be compiled in the PGI complier, which I also have. When i... (6 Replies)
Discussion started by: roba87
6 Replies
8. UNIX for Advanced & Expert Users
Hello,
I just installed a bran new Centos 6.2 including openssh 5.3.
On older servers I installed older Linux including openssh 4.3,
I am using keygen with private/public keys to log root on all servers (in a LAN) without typing password each time.
To do this, of course, I have my local... (4 Replies)
Discussion started by: epoins
4 Replies
9. Cybersecurity
Hello Gurus,
I am trying to set up bidirectional password-less login between a linux and a Solaris. The way I am doing is very simple, which is creating pub/priv key pairs on each host and add the pub key to each other's authorized_keys file:
ssh-keygen -t rsa (I tried dsa, and it didn't work... (4 Replies)
Discussion started by: error_lee
4 Replies
10. Cybersecurity
I stumbled upon this thread and one aspect of it got me thinking. As i am building a small Linux network right now for a friend i would like to hear your opinion on this.
I'd like to respectfully disagree. I think the Linux habit of disabling root login per default is wrong (not entirely... (6 Replies)
Discussion started by: bakunin
6 Replies
LEARN ABOUT FREEBSD
ssh-keysign
SSH-KEYSIGN(8) BSD System Manager's Manual SSH-KEYSIGN(8)
NAME
ssh-keysign -- ssh helper program for host-based authentication
SYNOPSIS
ssh-keysign
DESCRIPTION
ssh-keysign is used by ssh(1) to access the local host keys and generate the digital signature required during host-based authentication with
SSH protocol version 2.
ssh-keysign is disabled by default and can only be enabled in the global client configuration file /etc/ssh/ssh_config by setting
EnableSSHKeysign to ``yes''.
ssh-keysign is not intended to be invoked by the user, but from ssh(1). See ssh(1) and sshd(8) for more information about host-based authen-
tication.
FILES
/etc/ssh/ssh_config
Controls whether ssh-keysign is enabled.
/etc/ssh/ssh_host_dsa_key
/etc/ssh/ssh_host_ecdsa_key
/etc/ssh/ssh_host_ed25519_key
/etc/ssh/ssh_host_rsa_key
These files contain the private parts of the host keys used to generate the digital signature. They should be owned by root, read-
able only by root, and not accessible to others. Since they are readable only by root, ssh-keysign must be set-uid root if host-
based authentication is used.
/etc/ssh/ssh_host_dsa_key-cert.pub
/etc/ssh/ssh_host_ecdsa_key-cert.pub
/etc/ssh/ssh_host_ed25519_key-cert.pub
/etc/ssh/ssh_host_rsa_key-cert.pub
If these files exist they are assumed to contain public certificate information corresponding with the private keys above.
SEE ALSO
ssh(1), ssh-keygen(1), ssh_config(5), sshd(8)
HISTORY
ssh-keysign first appeared in OpenBSD 3.2.
AUTHORS
Markus Friedl <markus@openbsd.org>
BSD
December 7, 2013 BSD