Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I tried. When I used the command "ssh-keygen -t dsa -f ~/.ssh/mykey" it asked to enter a passphrase. I entered a password.
After doing all these steps that you have suggested, I tried to ssh. The it again asked to enter "passphrase". So, it is not realy a passwordless connection. LAM/MPI requies connection without any external input.
Is there any thing missing?
Thanks.
Manoj
Did you add new public key file (with passphrase) to authorized key file of remote SSH server?
Like:
cat user_id.pub >> authorized_keys
There is:
user_id.pub - Your public key file with is create on your computer with "passphrase"
authorized_keys - Remote SSH server authorized key file
I tried. When I used the command "ssh-keygen -t dsa -f ~/.ssh/mykey" it asked to enter a passphrase. I entered a password.
After doing all these steps that you have suggested, I tried to ssh. The it again asked to enter "passphrase". So, it is not realy a passwordless connection. LAM/MPI requies connection without any external input.
Is there any thing missing?
Thanks.
Manoj
dont enter password when generating just do a "enter" hit when asked !
set timeout 180
set machine [lindex $argv 0]
set username [lindex $argv1]
set password [lindex $argv 2]
spawn ssh $username@$machine
expect "$username@$machine's password: "
send "$password\n"
interact
Thanks for posting this solution; however I found a bug:
if password begins with "-" it doesn't work. It interprets the password as an option. What can be done?
Originally posted by Y0jiMb0 Thanks for posting this solution; however I found a bug:
if password begins with "-" it doesn't work. It interprets the password as an option. What can be done?
It was posted by vineet.k; it automates the process of ssh-ing. If you call it "sshlogin" (and give it proper permissions) it runs like this:
Code:
sshlogin node1 abc xyz
and what it does is: log into machine "node1", with username "abc" and password "xyz".
You can execute inside another script and you don't have to be prompted for the password every time. I know it is risky and ugly if you want, but I cannot manage to get working the public key stuff (as I don't have root access to the listener machine I don't know if I will be able to solve that question; I believe it is related to some conf file)
I hope to have clarified your question...
Anyway, mine still remains: how (un)secure is this thing?
If your password starts with - then try using " " [quotes].
I have not tried this. Hope this should work.
Or sometimes it may take " " as a part of your password.
Every coin has two sides.
Got any other solution for this issue ?
One more problem is there. Since you are spawning a program with another, the child process will be limited to use the total memory allocated for the parent process.
Try sshlogin to a machine and then try listing ( ls -l ) a directory with not less that 100 files. At times the ls will go into an infinite loop, you can get out of it. (Even with Cntrl + C). Since it is a seperate process.
If your password starts with - then try using " " [quotes].
I have not tried this. Hope this should work.
Or sometimes it may take " " as a part of your password.
Indeed I tried it and yes, it considers " just another character of the password.
If must be something simple, but I can't find the good side of the coin...
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.