Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Message-Id: <3.0.5.32.20030304210257.02210760@mail.earthlink.net>
X-Sender: rwcitek AT mail DOT earthlink DOT net
Date: Tue, 04 Mar 2003 21:02:57 -0600
To: <cygwin AT cygwin DOT com>
From: Robert Citek <rwcitek AT alum DOT calberkeley DOT org>
Subject: crib sheet: ssh single-login/no password ( was Re: ssh-keygen )
In-Reply-To: <01cd01c2e2be$45fcbc50$6400a8c0@EMachine>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"


At 08:23 PM 3/4/2003 -0600, Joshua S. Abbott wrote:
>hello i have cygwin and need to create and install ssh keys....I am in
>/home/AndrewWallace and .ssh is under that I use:  ssh-keygen -t rsa -f
>mysshkey  then ssh-keygen -t rsa -f .ssh/id_rsa/ -N ""  .... the I try to
>connect to the server and it give "Permission Denied (Public Key)" :'(

Since I have seen this type of question more than a few times, here's my
crib sheet.  Feel free to modify.

Regards,
- Robert

-----
(c) 2003 - Robert Citek

For OpenSSH 2.5.2 or greater under Cygwin: access without using a password
or with single-login.  Assuming you want to connect from machine A to
machine B using ssh.

== blank passphrase

1) generate private/public keys on A
   $ ssh-keygen -t dsa
   press enter when it asks for the filename
   press enter when it asks for the passphrase (yes, a blank passphrase)
   this will generate two files: ~/.ssh/id_dsa and ~/.ssh/id_dsa.pub

2) put ~/.ssh/id_dsa.pub from A into ~/.ssh/authorized_keys2 on B
   $ cat ~/.ssh/id_dsa.pub | ssh B 'cat >> ~/.ssh/authorized_keys2'

3) make sure all files are not writable or readable except by owner
   do this on A and B
   $ chmod a-x,go-w,o-r ~/.ssh/*

4) verify it works
   $ ssh B ls -la

== single-logon

1) generate private/public keys on A
   $ ssh-keygen -t dsa
   press enter when it asks for the filename
   enter a passphrase
   this will generate two files: ~/.ssh/id_dsa and ~/.ssh/id_dsa.pub

2) put ~/.ssh/id_dsa.pub from A in ~/.ssh/authorized_keys2 on B
   $ cat ~/.ssh/id_dsa.pub | ssh B 'cat >> ~/.ssh/authorized_keys2'

3) make sure all files are not writable or readable except by owner
   do this on A and B
   $ chmod a-x,go-w,o-r ~/.ssh/*

4) use ssh-agent to manage passphrases
   $ eval $(ssh-agent)

5) make agent aware of passphrases
   $ ssh-add   # enter the appropriate passphrase for each remote host

6) verify everything works
   $ ssh B ls -la


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/