|
![](/i/fill.gif) |
On Tue, 13 Sep 2011 20:15:17 +0100, Orchid XP v8 wrote:
>>> The solution may not be complex. Trying to find it in the
>>> documentation often is.
>>
>> man sshd_config
>>
>> Search manpage.
>
> And now there are *two* problems... ;-)
>
> In seriousness, manpages are, by definition, *reference* documentation.
> What the standard Unix system lacks entirely is any kind of
> *explanation*.
Depends on the manpage.
PasswordAuthentication
Specifies whether password authentication is allowed. The
default is “yes”.
Seems pretty straightforward to me.
>>> Now explain how to generate a keypair and put the public half on the
>>> list of acceptable clients.
>>
>> ssh-keygen
>>
>> Then copy the id_rsa.pub (or id_dsa.pub) file to the ~/.ssh directory
>> on the target system.
>>
>> Problem solved.
>
> That's... interesing. I'm damned /sure/ the manpage said to put the
> files into /etc/sshd or similar. And to edit the SSH configuration file
> to tell it what (local) user account goes with a given key. And how many
> simultaneous logins that user can have, what their shell is, and a bunch
> of other complicated stuff...
There's a difference between configuring sshd and using the public key for
authentication.
You *can* do a host key, but in most cases it's not necessary:
Normally each user wishing to use SSH with public key authentication runs
this once to create the authentication key in ~/.ssh/identity,
~/.ssh/id_ecdsa, ~/.ssh/id_dsa or ~/.ssh/id_rsa. Additionally, the sys-
tem administrator may use this to generate host keys, as seen in /etc/rc.
Jim
Post a reply to this message
|
![](/i/fill.gif) |