[TriLUG] how-to: preshare ssh key
Matthew Pusateri
mpusateri at wickedtrails.com
Tue Jun 3 23:04:46 EDT 2008
++ for keychain! For those who don't know, it allows you to still
have a passphrase on your private keys, but will cache the passphrase
on logout, so that scripts that run over ssh via cron can still
execute. I set mine up to prompt for a key when I log in, and then
kill the key on reboot. So if your system is compromised they
probably will get access to your keychain and thus be able to ssh as
you without a passphrase b/c it's cached. But this is still better
than no passphrase at all, because if they install anything(trojan/
binaries, etc) and try to reboot the server to make them take affect,
then they loose the cached passphrase.
Here's a better write up on it.
http://www.gentoo.org/proj/en/keychain/
Matt P.
On Jun 3, 2008, at 1:32 PM, Jim Tuttle wrote:
> This might help. http://braggtown.com/sshauth.html
>
> Jim
>
> Warren Myers wrote:
>> I need to set up rsync between a pair of servers and want to use
>> ssh to
>> accomplish that.
>>
>> However, I don't want to be entering the passwords of those users
>> constantly.
>>
>> How do I go about pre-sharing the server keys between the target
>> and source
>> machines?
>>
>> Or, is there a better way to do this than I have currently out-lined?
>>
>> WMM
>>
>
>
> --
> --
> ---Jim Tuttle
> ------------------------------------------------------
> http://www.braggtown.com
> PGP Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x69B69B08
>
> --
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG FAQ : http://www.trilug.org/wiki/Frequently_Asked_Questions
More information about the TriLUG
mailing list