[ale] automating an ssh script?

ChangingLINKS.com x3 at ChangingLINKS.com
Thu Jul 25 10:56:51 EDT 2002


I really hate to bug you about this. I have been reading the man pages, and 
guessing at this process - but I keep meeting resistance. Could you please 
show me what needs to be done command line by command line? I even tried 
connecting ssh to my local machine (because some web page implied it). Please 
please please help me by giving me *exactly* what I enter line by line.

1. Here is what I thought would work:
ssh-agent               //just to see the output
eval `ssh-agent`       //to get the agent running and see the output
Add  eval `ssh-agent` to your ~/.bash_profile    //so service to run on login?
 touch  ~/.ssh/identity  //did this because trying to run ssh-add did not work
 chmod 400 ~/.ssh/identity //did this because ssh-add complained
ssh-add ~/.ssh/identity // did this because I just don't understand anything
ssh-keygen -p password   //to create the public and private key files?


2. Now when I try to ssh to my server, it does ALL of this everytime:
[werd at change werd]$ ssh user at shell1.host.com
Enter passphrase for key '/home/werd/.ssh/identity': 
Enter passphrase for key '/home/werd/.ssh/identity': 
Enter passphrase for key '/home/werd/.ssh/identity': 
user at shell1.host.com's password: 
Last login: Thu Jul 25 07:47:22 2002 from adsl-33-146-210.asm.bellsouth.net
[user at shell1 user]$

So, now I have something LESS convienient than before. Not sure why it asks 
for the passphrase 3 times (reminds me of Austin Powers "the spy who shagged 
me" where Austin had to ask a secret agent questions 3 times before the agent 
would finally spill the secret. I am so lost.


On Thursday 25 July 2002 00:44, Joseph A Knapka wrote:
> "ChangingLINKS.com" wrote:
> > K, I was following the directions on:
> > http://www-106.ibm.com/developerworks/linux/library/l-keyc2/
> > to try to get ssh-agent to work. Unfortunately, I ran into something
> > that does not seem to be covered by the directions.
> >
> > I got to a point where it wanted my passphrase. I hit it with
> > every passphrase I could think of and . . . see result below.
> > Here's the history:
> >
> > Question? Does anyone know what is going on?
>
> Yes.
>
> > [werd at funker werd]$ ssh-agent
> > SSH_AUTH_SOCK=/tmp/ssh-XXRTZLfH/agent.3271; export SSH_AUTH_SOCK;
> > SSH_AGENT_PID=3272; export SSH_AGENT_PID;
> > echo Agent pid 3272;
> > [werd at funker werd]$
> > [werd at funker werd]$
> > [werd at funker werd]$
> > [werd at funker werd]$ eval `ssh-agent`
> > Agent pid 3274
> > [werd at funker werd]$ ssh-add ~/.ssh/identity
> > /home/werd/.ssh/identity: No such file or directory
>
> (1) Use ssh-keygen to generate ~/.ssh/identity and ~/.ssh/identity.pub.
> The first is your personal private key, the second is your personal
> public key.
>
> > [werd at funker werd]$ touch  ~/.ssh/identity
> > [werd at funker werd]$  ssh-add ~/.ssh/identity
> > @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> > @         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
> > @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
>
> (2) Be sure that ~/.ssh/identity is writable by no one, and
> readable only by you. IOW "chmod 400 ~/.ssh/identity".
>
> > Permissions 0664 for '/home/werd/.ssh/identity' are too open.
> > It is recommended that your private key files are NOT accessible by
> > others. This private key will be ignored.
> > bad permissions: ignore key: /home/werd/.ssh/identity
> > Enter passphrase for /home/werd/.ssh/identity:
> >
> > [werd at funker werd]$ chmod 700 /home/werd/.ssh/identity
> > [werd at funker werd]$  ssh-add ~/.ssh/identity
> > Enter passphrase for /home/werd/.ssh/identity:
>
> (3) ssh-keygen will ask you for a passphrase when you generate
> your keys. You may enter nothing, which is very convenient
> but very insecure. A good passphrase must have good
> "entropy", which is crypto-speak for "lotsa letters". "Thanks
> to Microsoft, I am now blind in both eyes" might be a
> half-decent passphrase.
>
> Cheers,
>
> -- Joe
>
> ---
> This message has been sent through the ALE general discussion list.
> See http://www.ale.org/mailing-lists.shtml for more info. Problems should
> be sent to listmaster at ale dot org.

-- 
Wishing you Happiness, Joy and Laughter,
Drew Brown
http://www.ChangingLINKS.com

---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.






More information about the Ale mailing list