ssh / ssh-key -- its always asking for passphrase
I'm trying to set up ssh, so I dont have to enter a password or passphrase when connecting to a box... ( not that it really bothers me.. but goal of all this is so i can create a script and pull off files from a few computers via scp )...
I have created the id_dsa & id_dsa.pub, and copied the *.dsa file to the remote(HOST) computer, placed it in the /home/.ssh dir with a name of authorized_key2
Once this was done, I could connect from my computer to the remote(HOST -- in my bedroom.. not really remote) via ssh.. but it would ask for the passphrase... not the password.. so I think it is working half way... (it did accept my passphrase.. and let me into the system).
I was not alrmed the first time, because it seems that is normal the first time you connect. But the weird part is.. that it has never stops asking.. everytime I connet.. it ask for the passphrase.
Any Idea on how I can get around this... because when I try the scp file.. it has no way of entering the passphrase.. it will be a cron job.
This is on a SuSE 7.3 box
Here is a copy of my /etc/ssh/ssh_config file:
# $OpenBSD: ssh_config,v 1.10 2001/04/03 21:19:38 todd Exp $
# This is ssh client systemwide configuration file. See ssh(1) for more
# information. This file provides defaults for users, and the values can
# be changed in per-user configuration files or on the command line.
# Configuration data is parsed as follows:
# 1. command line options
# 2. user-specific file
# 3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.
# Site-wide defaults for various options
# ForwardAgent no
# ForwardX11 no
# RhostsAuthentication no
# RhostsRSAAuthentication yes
# RSAAuthentication yes
# DSAAuthentication yes
# PasswordAuthentication no
# FallBackToRsh no
# UseRsh no
# BatchMode no
# CheckHostIP yes
# StrictHostKeyChecking yes
# IdentityFile ~/.ssh/identity
# IdentityFile ~/.ssh/id_dsa
# IdentityFile ~/.ssh/id_rsa
# Port 22
# Cipher blowfish
# EscapeChar ~
Option 1) If the remote box you connect from is considered secure enough, you may provide an empty passphrase for the key pair. This may be done using, ssh-keygen -p .ssh/id_dsa but beware, the private key will be stored unencrypted on the disk. ( This is what I do to connect to my home box from work, but whether you want to follow this road is debatable especially if it involves anything serious)
Option 2) see man ssh-agent. Possible answer to your prayers. You can run the commands that need the passphrase using ssh-agent (it will store the encrypted password in the physical memory the first time you supply it) You wont need to enter the password again until you quit your session.
|All times are GMT -5. The time now is 10:10 PM.|