[NCLUG] ssh2 - hostbased authentications
Quent
quent at pobox.com
Thu Nov 30 10:45:16 MST 2000
You could generate a key for "root" with no passphrase and use an
"authorized_keys" file on the remote host in the /.ssh directory.
It's a bit risky though.
Quent
On Tue, Nov 28, 2000 at 01:25:09AM +0000, dobbster wrote:
> Hi,
>
> I've been grappling in the dark with this for days now... I am very
> puzzled and would be grateful for any suggestions.
>
> I am trying to figure out how to rsync directories over ssh. The
> problem I seem to have is using the "hostbased" authentication with
> sshd2. I figure this is the only way that I can cron my rsync's,
> because otherwise I would have to use a password. (Is there a better
> way...?)
>
> Following the man pages, I created the hostkey.pub file on my "local"
> system, and copied this file to
> /etc/ssh2/knownhosts/192.168.0.1.ssh-dss.pub on the "remote" system.
> (Obviously this is not the real IP address!)
>
> Next, I created a /root/.shosts on the remote system with one line,
> "192.168.0.1 root".
>
> In /etc/ssh2/sshd2_config, I have 'AllowedAuthentications hostbased'.
>
> One more thing: The "local" system's IP address is not associated with
> a FQDN. This is why I used the IP address in the .pub file. On the
> other hand, I've also tried this with the local system's hostname
> 'system1' and entered '192.168.0.1 system1' into /etc/hosts on the
> "remote" system, and copied the "local" hostkey.pub to the "remote"
> /etc/ssh2/knownhosts/system1.ssh-dss.pub. Still no luck.
>
> Running /usr/local/sbin/sshd2 -v gives me this eventual result:
>
> debug: Sshd2/sshd2.c:349/auth_policy_proc: user 'root' service
> 'ssh-connection' client_ip '192.168.0.1' client_port '2721' completed ''
> debug: Sshd2/sshd2.c:476/auth_policy_proc: output: hostbased
> debug: Ssh2Common/sshcommon.c:132/ssh_common_disconnect: DISCONNECT
> received: No further authentication methods available.
> sshd2[989]: Remote host disconnected: No further authentication methods
> available.
> debug: Sshd2/sshd2.c:95/server_disconnect: locally_generated = FALSE
> sshd2[989]: no more authentication methods on remote: 'No further
> authentication methods available.'
> debug: Exiting event loop
>
> Any ideas? Am I completely clueless?
>
> Thanks,
>
> Mark (dobbster at frii.com)
> _______________________________________________
> NCLUG mailing list
> NCLUG at nclug.org
> http://www.nclug.org/mailman/listinfo/nclug
>
>
More information about the NCLUG
mailing list