Differences between current version and predecessor to the previous major change of AuthorizedKeysFile.
Other diffs: Previous Revision, Previous Author, or view the Annotated Edit History
| Newer page: | version 8 | Last edited on Tuesday, September 23, 2003 11:18:58 pm | by CraigBox | |
| Older page: | version 6 | Last edited on Tuesday, May 27, 2003 12:33:19 pm | by JohnMcPherson | Revert |
@@ -1,39 +1 @@
-Used for Public/Private key authentication by the ssh(1) client.
-
-place your public key in the
AuthorizedKeysFile in ~/.ssh and provided you have ssh-agent(1) setup correctly you shouldn't have to type in your password/keyphrase much.
-
-for ssh1 keys place it in
- ~/.ssh/authorized_keys
-
-for ssh2 keys place it in
- ~/.ssh/authorized_keys2
-
-Make sure these file are owned by the owner (especially not root), and their permissions are no more than 600. Also make sure that ~/.ssh is no more than 700, or ssh will complain and ignore these files as being potentially unreliable. (unfortunately it doesn't tell you it's complaining, it just puts it into syslogd(8).
-
-Under debian, theres a ssh-copy-id(1) program which does all this automagically, it's easy to use:
- ssh-copy-id ''hostname''
-and it's all setup!
-
-----
-To generate a key use ssh-keygen(1). If you can, you want to use a ssh2 key. This can be generated with:
- ssh-keygen -t dsa
-or
- ssh-keygen -t rsa
-(depending on what type of key you want)
-
-then use
- ssh-copy-id ''hostname''
-and ya done.
-
-----
-! Limit key use to certain machines
-You can tell sshd (the server side) to only allow keys to be used from specified host names. In front of the key in the .authorized_keys file,
-you can put a list of globs. Eg:
- from="*.com,localhost" ssh-dss XXXX....base64..keyid....= username@host
-will only allow this key to be used from localhost and .coms.
-
-You can also prefix a glob with a ! to negate it.
-
-There are lots of other options, which are documented in the man page linked to below
.
-
-See also sshd(8)
+Describe [
AuthorizedKeysFile] here
.
