[Gllug] Passwordless SSH
Nix
nix at esperi.org.uk
Sat Aug 27 22:51:59 UTC 2005
On Fri, 26 Aug 2005, James McGuigan spake:
> cat ~/.ssh/id_dsa.pub | ssh remote.host.org tee -a ~/.ssh/authorized_keys
Congratulations! You are the Useless Use of Cat Award Winner for August 2005!
> Though for some odd reason, it doesn't seem to let me do a passwordless ssh login to
> localhost (not that I can see any reason to ssh to localhost except for testing)
That's very useful. I use it instead of su basically all the time; it
gets you all the usual cryptographic security, passwordless login, and X
connection forwarding across users stuff, and also gives you things like
command= in the key for specialized one-purpose keys:
randomuser $ ssh backup at localhost
Backup commencing...
Another example: my compilation scripts have a specialized key which
fires off the install/stow phase of compilation; the compile-time side
of these scripts ssh's to root at localhost with that key. In root's
authorized_keys, the key has a command= and a from= stipulated, so the
connection must come from localhost and always does the same thing ---
runs the install/stow-phase script. You can't pass arbitrary parameters
that way, so I rejigged the install-time side of things so it could
optionally take its parameters from a file, and then look for the file
in the same place as the secret key for that connection. :)
--
`... published last year in a limited edition... In one of the
great tragedies of publishing, it was not a limited enough edition
and so I have read it.' --- James Nicoll
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list