Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
To: cygwin AT cygwin DOT com
Subject: Re: Passwordless login with ssh
References: <bmkmdl$82i$1 AT sea DOT gmane DOT org>
	<20031016081208 DOT GB28997 AT cygbert DOT vinschen DOT de>
	<bmmbha$43f$1 AT sea DOT gmane DOT org>
From: "Steven E. Harris" <seharris AT raytheon DOT com>
Organization: Raytheon
Date: Thu, 16 Oct 2003 09:31:05 -0700
Message-ID: <q67ismpywja.fsf@raytheon.com>
User-Agent: Gnus/5.1002 (Gnus v5.10.2) XEmacs/21.4 (Rational FORTRAN,
 cygwin32)
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit

Andrew DeFaria <Andrew AT DeFaria DOT com> writes:

> Now for ssh-user-config:
>
> $ ssh-user-config
> Shall I create an SSH1 RSA identity file for you? (yes/no) yes
> Generating /us/adefaria/.ssh/identity
> Enter passphrase (empty for no passphrase):
> Enter same passphrase again:
> Do you want to use this identity to login to this machine? (yes/no) yes
> Adding to /us/adefaria/.ssh/authorized_keys

[...]

Now both your public and private keys are in your "adefaria" home
directory, and your public key is noted as authorized for login to
whatever host you're running on here.

> $ ssh adefaria id
> adefaria AT adefaria's password:
> uid=1370(adefaria) gid=513(Domain Users)
> groups=1834(clearcase),512(Domain Admins),513(Domain
> Users),2637(Employees-US-Security),1170(Everybody),1331(Software),1866(Software-US-Security)
>
> As you can see ssh-user-config did not change the need to enter my
> password for ssh.

On what host are you running the ssh client here? Is your home
directory still the same "adefaria" on this host? It's not clear from
your example which hosts are involved, and I suspect the problem is
that your public and private keys are sitting in the right place on
the server, but you don't have your keys available on the client
host.

Usually key generation and adding a new public key to the
authorized_keys file don't take place on the same host. With Debian's
ssh package¹, there's a script called ssh-copy-id² that adds a local
key to a remote host's authorized_keys file. I was surprised to find
that the Cygwin ssh-user-config script didn't offer to do the remote
addition, as adding the key to the local host's authorized_keys file
will only help if you move the key pair elsewhere, or have access to
the same home directory from multiple hosts.


Footnotes: 
¹ http://packages.debian.org/stable/net/ssh.html
² http://www.eviladmin.org/cvs/cvsweb.cgi/contrib/ssh-copy-id

-- 
Steven E. Harris        :: seharris AT raytheon DOT com
Raytheon                :: http://www.raytheon.com

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/