Table of Contents
Advertisement
that is also easy to use. Because it is meant to replace rsh and rlogin, SSH must also be
able to provide an authentication method appropriate for daily use. SSH accomplishes
this by way of another key pair, which is generated by the user. The SSH package
provides a helper program for this: ssh-keygen. After entering ssh-keygen -t rsa
or ssh-keygen -t dsa, the key pair is generated and you are prompted for the base
filename in which to store the keys.
Confirm the default setting and answer the request for a passphrase. Even if the software
suggests an empty passphrase, a text from 10 to 30 characters is recommended for the
procedure described here. Do not use short and simple words or phrases. Confirm by
repeating the passphrase. Subsequently, you will see where the private and public keys
are stored, in this example, the files id_rsa and id_rsa.pub.
Use ssh-keygen -p -t rsa or ssh-keygen -p -t dsa to change your old
passphrase. Copy the public key component (id_rsa.pub in the example) to the re-
mote machine and save it to ~/.ssh/authorized_keys. You will be asked to
authenticate yourself with your passphrase the next time you establish a connection. If
this does not occur, verify the location and contents of these files.
In the long run, this procedure is more troublesome than giving your password each
time. Therefore, the SSH package provides another tool, ssh-agent, which retains the
private keys for the duration of an X session. The entire X session is started as a child
process of ssh-agent. The easiest way to do this is to set the variable usessh at the
beginning of the .xsession file to yes and log in via a display manager, such as
KDM or XDM. Alternatively, enter ssh-agent startx.
Now you can use ssh or scp as usual. If you have distributed your public key as described
above, you are no longer prompted for your password. Take care of terminating your
X session or locking it with a password protection application, such as xlock.
All the relevant changes that resulted from the introduction of version 2 of the SSH
protocol are also documented in the file /usr/share/doc/packages/openssh/
README.SuSE.
SSH: Secure Network Operations
831
Advertisement
Table of Contents
Troubleshooting
Related Manuals for Novell LINUX ENTERPRISE SERVER 10 - INSTALLATION AND ADMINISTRATION 11-05-2007
Related Products for Novell LINUX ENTERPRISE SERVER 10 - INSTALLATION AND ADMINISTRATION 11-05-2007
- NOVELL BUSINESS CONTINUITY CLUSTERING FOR NETWARE 1.1 - ADMINISTRATION
- NOVELL BUSINESS CONTINUITY CLUSTERING 1.1 SP2 - ADMINISTRATION
- NOVELL LINUX ENTERPRISE 11 - HIGH AVAILABILITY
- NOVELL LINUX ENTERPRISE DESKTOP 11 - GNOME
- NOVELL LINUX ENTERPRISE DESKTOP 11 - KDE
- NOVELL LINUX ENTERPRISE SERVER 10 - ARCHITECTURE-SPECIFIC INFORMATION 11-12-2006
- NOVELL LINUX ENTERPRISE 11 SP1 - LINUX AUDIT
- Novell LINUX ENTERPRISE SERVER 11 SUSE
- NOVELL DATA SYNCHRONIZER - UPDATE 1
- NOVELL LINUX ENTERPRISE SERVER 10 SP1 - ARCHITECTURE-SPECIFIC INFORMATION 15-03-2007
- NOVELL LINUX ENTERPRISE SERVER 10 SP3 - ARCHITECTURE-SPECIFIC
- NOVELL ZENWORKS 10 CONFIGURATION MANAGEMENT SP3 - COMMAND LINE UTILITIES REFERENCE 10.3 30-03-2010
- NOVELL APPARMOR 1.2 - QUICK GUIDE AND
- NOVELL APPARMOR 1.2
- NOVELL OPEN WORKGROUP SUITE SMALL BUSINESS EDITION 9.3 - ADMINISTRATION 10-2007
- Novell SUSE LINUX ENTERPRISE DESKTOP 10 SP1 KDE