Re: Experiences with 7.0-CURRENT and vmware.

From: Peter Jeremy <peterjeremy_at_optushome.com.au>
Date: Fri, 11 May 2007 17:45:24 +1000
On 2007-May-10 11:13:26 +0000, Darren Reed <darrenr_at_hub.freebsd.org> wrote:
>Oh, and how do I fix ssh/rsh to do passwordless sessions?

Assuming you are using OpenSSH on both ends, use HostBasedAuthentication:
Client side:
- make /usr/libexec/ssh-keysign setuid root
- add the server's host key to known_hosts
- Set "HostbasedAuthentication yes" and "EnableSSHKeysign yes" in config

Server side:
- add the client's host key to /etc/ssh/ssh_known_hosts
- Set "HostbasedAuthentication yes" and "IgnoreRhosts no" in
  /etc/ssh/sshd_config.
  You may also need "PermitRootLogin without-password"
- Add the relevant entry to ~/.shosts
- Make sure ~/ and ~/.shosts are only writable by the owner

I think that's all but I'm working from memory so I may have missed
an option somewhere.  ssh debugging options are very useful for
working out why it isn't working.

-- 
Peter Jeremy

Received on Fri May 11 2007 - 05:45:26 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:10 UTC