Changes between Initial Version and Version 1 of OpenSsh

05/08/06 13:34:25 (13 years ago)



  • OpenSsh

    v1 v1  
     1== Creating a keypair == 
     3Creating a key for your user is straighforward: 
     5ssh-keygen -t rsa # enter a passphrase different from your password 
     6chmod 755 ~/.ssh 
     7cat ~/.ssh/ >> ~/.ssh/authorized_keys 
     8chmod 644 ~/.ssh/authorized_keys 
     9eval `ssh-agent`; ssh-add 
     12See the 
     13[ Red Hat Sysadmin Guide] 
     14for more detailed step-by-step instructions.  
     16The command {{{eval `ssh-agent`; ssh-add}}} loads your private key into  
     17memory so that you don't need to type your passphrase more than once. 
     18You need to run that command each time you log in. 
     20== More details == 
     22Most authentication between linux machines is done with SSH, 
     23specifically with public-key verification through host keys 
     24and personal keys. Host key signatures are kept on each 
     25machine in `/etc/ssh/ssh_known_hosts` so you should ''never'' 
     26see a message for a SIG machine like this one for vergil 
     28 The authenticity of host 'vergil.u (' can't be established. 
     29 DSA key fingerprint is 30:24:b6:7c:35:76:fd:c3:45:de:9d:02:ef:1f:cd:0d. 
     30 Are you sure you want to continue connecting (yes/no)? no 
     31 Host key verification failed. 
     34There are two versions of the SSH protocol, we only allow 
     35protocol 2 since most clients support it (not TeraTermSSH, 
     36though--you'll need to use the SSH client from the UWICK). 
     38RSA is the faster algorithm (and has some other advantages), but  
     39because for a long time it was patented the default algorithm  
     40was DSS (DSA host keys with SHA-1 encryption).  
     41The patent has now expired and RSA should be used in the future, 
     42though there is no hurry to convert existing uses from DSS. 
     45For more information, see 
     46 * [ The OpenSSH FAQ] 
     47 * [ Red Hat Sysadmin Guide]