X-Recipient: archive-cygwin AT delorie DOT com
X-SWARE-Spam-Status: No, hits=1.4 required=5.0	tests=AWL,BAYES_00,DKIM_ADSP_CUSTOM_MED,FORGED_YAHOO_RCVD,FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM,KHOP_THREADED,NML_ADSP_CUSTOM_MED,URI_HEX
X-Spam-Check-By: sourceware.org
Date: Wed, 28 Nov 2012 13:21:38 -0800 (PST)
From: anulav2 <anulav2 AT yahoo DOT com>
To: cygwin AT cygwin DOT com
Message-ID: <1354137687.39813.YahooMailNeo@web122104.mail.ne1.yahoo.com>
In-Reply-To: <k95ujm$o61$1@ger.gmane.org>
References: <1353433612060-94427 DOT post AT n5 DOT nabble DOT com> <k8ghdb$kps$1 AT ger DOT gmane DOT org> <1354127875 DOT 88050 DOT YahooMailNeo AT web122106 DOT mail DOT ne1 DOT yahoo DOT com> <20121128200904 DOT M70718 AT ds DOT net> <1354134069143-94590 DOT post AT n5 DOT nabble DOT com> <k95si1$5a7$1 AT ger DOT gmane DOT org> <1354136009 DOT 21649 DOT YahooMailNeo AT web122105 DOT mail DOT ne1 DOT yahoo DOT com> <k95ujm$o61$1 AT ger DOT gmane DOT org>
Subject: Re: Passwordless authentication between two domains.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Precedence: bulk
List-Id: <cygwin.cygwin.com>
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id qASLLm1f032060

Andrew,
Keys will "ALWAYS" be different irrespective if it is two servers on same or different domain. 
That is the whole point of copying keys to remote servers authorized_keys file. Else one could just "cat" its own key in its own authorized_keys file, right?



________________________________
 From: Andrew DeFaria-2 [via Cygwin] <ml-node+s1069669n94593h68 AT n5 DOT nabble DOT com>
To: anulav2 <anulav2 AT yahoo DOT com> 
Sent: Wednesday, November 28, 2012 3:11 PM
Subject: Re: Passwordless authentication between two domains.
 

On 11/28/2012 12:54 PM, anulav2 wrote: 
> Yes, i meant passphrase. 
> Diff does not return anything, meaning keys are fine. 
No meaning the keys are *not* fine. As I said twice now: 

I believe, since these are two different domains, that the generated 
keys will *NOT* be the same. If they are the same then regenerate them 
on both machines and compare them again. 

You need to read carefully. Note the *NOT* portion above. I believe that 
since the domains are different the ssh keys will be different. So diff 
should not return nothing but rather it should return that there are 
indeed differences between Domain A:~/.ssh/id_dsa.pub and Domain 
B:~/.ssh/id_dsa.pub. If not then log into Domain A and do the ssh-keygen 
-t dsa and then log into Domain B and do the ssh-keygent -t dsa there. 
They both should produce a ~/.ssh/id_dsa.pub file and those two files 
should be different. This would also mean that you cannot share home 
directories between two different domains... 

> And i have tried regenerating them again. 
> I have added rsa.pub files to authorized_keys on remote servers. No luck. 
> 
> 
> 
> ________________________________ 
>   From: Andrew DeFaria-2 [via Cygwin] <[hidden email]> 
> To: anulav2 <[hidden email]> 
> Sent: Wednesday, November 28, 2012 2:36 PM 
> Subject: Re: Passwordless authentication between two domains. 
>   
> 
> On 11/28/2012 12:21 PM, anulav2 wrote: 
>> ssh-keygen -t dsa 
>> and password was empty. 
> I believe you mean passphrase... 
> 
> What about these issues I mentioned: 
> 
> Additionally is ~/.ssh/id_rsa.pub the same on both machines? (Does diff 
> return no differences?). I believe, since these are two different 
> domains, that the generated keys will not be the same. If they are the 
> same then regenerate them on both machines and compare them again. 
> 
> Also, ~/.ssh/id_rsa.pub from Domain A should be added to the 
> ~/.ssh/authorized_keys on Domain B and visa versa from Domain B -> 
> Domain A. 
> 
> Finally, can you do passwordless authentication between two different 
> machines in Domain A? 
-- 
Andrew DeFaria <http://defaria.com> 
What do people in China call their good plates? 


-- 
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple



________________________________
 
If you reply to this email, your message will be added to the discussion below:
http://cygwin.1069669.n5.nabble.com/Passwordless-authentication-between-two-domains-tp94427p94593.html 
To unsubscribe from Passwordless authentication between two domains., click here.
NAML



--
View this message in context: http://cygwin.1069669.n5.nabble.com/Passwordless-authentication-between-two-domains-tp94427p94595.html
Sent from the Cygwin list mailing list archive at Nabble.com.

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple