LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 05-15-2012, 10:55 AM   #1
Ronayn
Member
 
Registered: Jan 2006
Posts: 55

Rep: Reputation: 0
ssh host-based authentification on FC14


This is a follow-on question to: http://www.linuxquestions.org/questi...ccount-927887/

I am trying to mimic rlogin/rsh with slogin/ssh. I think I have the gist of HBA with ssh, but what I dont get is why it needs the keys of other machines to be in /etc/ssh_known_hosts?

The specific problem I am having regards the installation process I use to configure new servers. Each new server is configured one at a time. For rlogin/rsh this is not a problem because I can set up .rhosts with the information I have beforehand (server names and IP addresses). After configuring all the clusters, rlogin/rsh just works -- no other configuration for it is needed.

With ssh, even with HBA, it appears that the keys of the other servers are needed for it to work. Of course, I cant provide those keys until after I have all the servers configured and the network up. This is problematic when I dont have all the servers at hand to configure (such as when I need to configure a replacement server locally).

Is there a way to make ssh behave exactly like ssh (doesnt use/lookfor keys)? Is it possible to make all the servers have the same public key? (So I could create a known_hosts file based on that one public key, in advance and place it in /etc/ssh during the configuration?)
 
Old 05-16-2012, 08:04 PM   #2
chrism01
Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.5, Centos 5.10
Posts: 16,251

Rep: Reputation: 2026Reputation: 2026Reputation: 2026Reputation: 2026Reputation: 2026Reputation: 2026Reputation: 2026Reputation: 2026Reputation: 2026Reputation: 2026Reputation: 2026
1.
Quote:
Is there a way to make ssh behave exactly like ssh (doesnt use/lookfor keys)?
Use passwds instead; ssh-auth-keys is only an option, its not compulsory

2.
Quote:
Is it possible to make all the servers have the same public key?
http://www.thegeekstuff.com/2008/11/...n-ssh-copy-id/ .. and ssh-copy-id same key to all systems
NB: This is obviously NOT as secure as a separate key per system ...
Ideally a separate key per user per system is advised; remember this is effectively replacing passwds and as such similar guidelines apply.

Last edited by chrism01; 05-16-2012 at 08:05 PM.
 
1 members found this post helpful.
  


Reply

Tags
authentication, ssh


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
what is the difference between host-based and pub-key auth in ssh? archnemesis Linux - Newbie 2 12-20-2011 06:34 PM
ssh: connect to host .....No route to host soumyacs Linux - Newbie 5 10-27-2009 10:03 AM
Fedora 10/unable to ssh out from box to remote host (SSH within LAN ok) huskeypm Linux - Networking 3 04-14-2009 07:37 PM
host based authentication using ssh with different users on the server powah Linux - Security 5 06-21-2007 01:54 AM
How to setup a host.deny and host.allow for SSH? explorer1979 Linux - Security 2 01-31-2005 05:28 PM


All times are GMT -5. The time now is 10:46 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration