X-Recipient: archive-cygwin AT delorie DOT com
X-SWARE-Spam-Status: No, hits=-3.3 required=5.0	tests=AWL,BAYES_00,KHOP_THREADED,RP_MATCHES_RCVD,SPF_HELO_PASS
X-Spam-Check-By: sourceware.org
To: cygwin AT cygwin DOT com
From: Andrew DeFaria <Andrew AT DeFaria DOT com>
Subject: Re: Passwordless authentication between two domains.
Date: Wed, 28 Nov 2012 13:10:15 -0800
Lines: 52
Message-ID: <k95ujm$o61$1@ger.gmane.org>
References: <1353433612060-94427 DOT post AT n5 DOT nabble DOT com> <k8ghdb$kps$1 AT ger DOT gmane DOT org> <1354127875 DOT 88050 DOT YahooMailNeo AT web122106 DOT mail DOT ne1 DOT yahoo DOT com> <20121128200904 DOT M70718 AT ds DOT net> <1354134069143-94590 DOT post AT n5 DOT nabble DOT com> <k95si1$5a7$1 AT ger DOT gmane DOT org> <1354136009 DOT 21649 DOT YahooMailNeo AT web122105 DOT mail DOT ne1 DOT yahoo DOT com>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/17.0 Thunderbird/17.0
In-Reply-To: <1354136009.21649.YahooMailNeo@web122105.mail.ne1.yahoo.com>
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Precedence: bulk
List-Id: <cygwin.cygwin.com>
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

On 11/28/2012 12:54 PM, anulav2 wrote:
> Yes, i meant passphrase.
> Diff does not return anything, meaning keys are fine.
No meaning the keys are *not* fine. As I said twice now:

I believe, since these are two different domains, that the generated 
keys will *NOT* be the same. If they are the same then regenerate them 
on both machines and compare them again.

You need to read carefully. Note the *NOT* portion above. I believe that 
since the domains are different the ssh keys will be different. So diff 
should not return nothing but rather it should return that there are 
indeed differences between Domain A:~/.ssh/id_dsa.pub and Domain 
B:~/.ssh/id_dsa.pub. If not then log into Domain A and do the ssh-keygen 
-t dsa and then log into Domain B and do the ssh-keygent -t dsa there. 
They both should produce a ~/.ssh/id_dsa.pub file and those two files 
should be different. This would also mean that you cannot share home 
directories between two different domains...
> And i have tried regenerating them again.
> I have added rsa.pub files to authorized_keys on remote servers. No luck.
>
>
>
> ________________________________
>   From: Andrew DeFaria-2 [via Cygwin] <ml-node+s1069669n94591h6 AT n5 DOT nabble DOT com>
> To: anulav2 <anulav2 AT yahoo DOT com>
> Sent: Wednesday, November 28, 2012 2:36 PM
> Subject: Re: Passwordless authentication between two domains.
>   
>
> On 11/28/2012 12:21 PM, anulav2 wrote:
>> ssh-keygen -t dsa
>> and password was empty.
> I believe you mean passphrase...
>
> What about these issues I mentioned:
>
> Additionally is ~/.ssh/id_rsa.pub the same on both machines? (Does diff
> return no differences?). I believe, since these are two different
> domains, that the generated keys will not be the same. If they are the
> same then regenerate them on both machines and compare them again.
>
> Also, ~/.ssh/id_rsa.pub from Domain A should be added to the
> ~/.ssh/authorized_keys on Domain B and visa versa from Domain B ->
> Domain A.
>
> Finally, can you do passwordless authentication between two different
> machines in Domain A?

-- 
Andrew DeFaria <http://defaria.com>
What do people in China call their good plates?


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple