10-07-2018
Yeah, I gave up on what I really wanted and went with keys, this is far from ideal, if you knew the entire situation you'd understand. Anyway...
Keys for now have helped, except, they are user dependent? User A creates keys and can use them. User B logs in but can't use them. B generates keys, then A can't log on. This is of no use to me at all, I'm not sitting copying keys for 30 servers every time a different user wants access.
So the new question is: Is this normal? Only 1 live set of keys at any one time? How can I prevent this?
Thanks.
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hello all,
I would like to know if anyone had ever set up a network in which they used DHCP and OPENSSH with no password. I can configure my ssh files to allow me to enter any machine without a password as long as I have generated the public and private keysa nd store them in my .ssh/aut... ... (3 Replies)
Discussion started by: larryase
3 Replies
2. UNIX for Advanced & Expert Users
Hi,
Can anybody tell me a way to do ssh , without prompting for password from keyboard, Using RSA. The requirement is I need to create the key , using passphrase also.....
Is there any way to do it in UNIX ?
I am doing it from AIX machine , but remote machine is Linux
I tried... (8 Replies)
Discussion started by: shihabvk
8 Replies
3. HP-UX
Hi,
I have the necessity to run a korn shell on a remote server (both HP-UX servers) using the ssh command.
The sintax that I use is
ssh -l <remote user> <IP address of remote host> command(ksh script)
Pressing enter I need to set the password of the remote user. Is it possible to... (2 Replies)
Discussion started by: gio123bg
2 Replies
4. Solaris
Hi Gurus
I have a few Sol 5.9 servers and i have enabled password less authentication between them for my user ID. Often i have found that when my password has expired,the login fails.
Resetting my password reenables the keys.
Do i need to do something to avoid this scenario or is this... (2 Replies)
Discussion started by: Renjesh
2 Replies
5. Shell Programming and Scripting
Please help me
I want connect to orther server using ssh. But I need to transfer password also without entering when it is prompts. Please help me. (1 Reply)
Discussion started by: saga499
1 Replies
6. UNIX for Dummies Questions & Answers
How to setup SSH to not require a password when establishing an SSH connection from server A to server B for particular user? (4 Replies)
Discussion started by: sam101
4 Replies
7. Solaris
I am working on Solaris 10 Sparc.
While ssh trust relation building for SUN-CLUSTER on server,
I am facing issue.
I can log in from server2 to serer1 direactly
but when i log in to server1 from server2 it prompts password.
root@app1 # ssh app2
Last login: Wed Jul 27 14:08:14 2011... (0 Replies)
Discussion started by: anand87
0 Replies
8. Red Hat
Hi,
I am trying to generate ssh without having to type a password.
I have done this on numerous occasions using the procedure below and it has worked fine but not on this occasion.
user1@sys1:ssh-keygen -t dsa -N ""
<press enter for any questions>
user1@sys1: ll .ssh/id_dsa.pub... (16 Replies)
Discussion started by: Duffs22
16 Replies
9. Shell Programming and Scripting
Hello Guys,
I have a specific requirement where I need to provide password to ssh and sftp in my script on Solaris.
I know password-less connection is the way without password but in my case, I cant use the same due to some limitations.
Please let me know if we can tweak it. (7 Replies)
Discussion started by: Deei
7 Replies
10. Red Hat
Hello Experts,
when I am trying to connect my target server through sftp after creating ssh password less setup, it is asking for passowrd to connect.
to setup this I followed below process:
-->generated keys by executing the command "ssh-keygen -t rsa"
-->this created my .ssh directory... (9 Replies)
Discussion started by: Devipriya Ch
9 Replies
LEARN ABOUT DEBIAN
keyarch
KEYARCH(1p) User Contributed Perl Documentation KEYARCH(1p)
NAME
keyarch - DNSSEC-Tools daemon to archive old KSK and ZSK keys
SYNOPSIS
keyarch [options] <keyrec_file | rollrec_file>
DESCRIPTION
The keyarch program archives old KSK and ZSK keys. Keys are considered old if they are revoked or obsolete. Keys marked as either kskrev
or zskrev are revoked; keys marked as either kskobs or zskobs are obsolete. Archived keys are prefixed with the seconds-since-epoch as a
means of distinguishing a zone's keys that have the same five digit number.
If the required file argument is a keyrec file, then expired keys listed in that file are archived. If the file argument is a rollrec
file, the keyrec files of the zones in that file are checked for expired keys.
If the -zone option is given, then only revoked and obsolete keys belonging to the specified zone will be archived.
The archive directory is either zone-specific (listed in the zone's keyrec record in the zone's keyrec file) or the default archive
directory given in the DNSSEC-Tools configuration file.
The count of archived keys is given as the program's exit code. Error exit codes are negative.
OPTIONS
The following options are recognized:
-zone zone_file
Name of the zone whose KSKs will be archived. If this is not given, then all the zones defined in the rollrec file will be checked.
-kskonly
Only archive KSK keys.
-zskonly
Only archive ZSK keys.
-dtconfig config_file
Name of an alternate DNSSEC-Tools configuration file to be processed. If specified, this configuration file is used in place of the
normal DNSSEC-Tools configuration file not in addition to it. Also, it will be handled prior to keyrec files, rollrec files, and
command-line options.
-quiet
No output will be given.
-verbose
Verbose output will be given.
-help
Display a usage message.
-Version
Displays the version information for keyarch and the DNSSEC-Tools package.
EXIT VALUES
On success, keyarch's exit code is the number of keys archived.
keyarch has a 0 exit code if the help message is given.
keyarch has a negative exit code if an error is encountered.
COPYRIGHT
Copyright 2007-2012 SPARTA, Inc. All rights reserved. See the COPYING file included with the DNSSEC-Tools package for details.
AUTHOR
Wayne Morrison, tewok@tislabs.com
SEE ALSO
rollerd(8), zonesigner(8)
Net::DNS::SEC::Tools::conf.pm(3), Net::DNS::SEC::Tools::dnssectools.pm(3), Net::DNS::SEC::Tools::defaults.pm(3),
Net::DNS::SEC::Tools::keyrec.pm(3), Net::DNS::SEC::Tools::rollrec.pm(3)
keyrec(5), rollrec(5)
perl v5.14.2 2012-06-21 KEYARCH(1p)