Differences between current version and revision by previous author of AuthorizedKeysFile.
Other diffs: Previous Major Revision, Previous Revision, or view the Annotated Edit History
| Newer page: | version 8 | Last edited on Tuesday, September 23, 2003 11:18:58 pm | by CraigBox | |
| Older page: | version 7 | Last edited on Monday, September 1, 2003 12:27:13 am | by AristotlePagaltzis | Revert |
@@ -1,23 +1 @@
-!!! Generating key pairs
-
-This is what ssh-keygen(1) is for. Use a SSH2 key if at all possible.
-
- ssh-keygen -t dsa
- # or
- ssh-keygen -t rsa
-
-!!! Distributing public keys
-
-You need a __.ssh__ directory in your home on the remote machine. This directory must not have permissions set to more than 700. Depending on whether you're using SSH1 or SSH2, keys go into __.ssh/authorized_keys__ or __.ssh/authorized_keys2__, respectively, which must have its permissions set to no more than __0600__. Obviously the directoriy and these files must be owned by the user they belong to. If the permissions are wrong,
[SSH
] will refuse to read them (without telling you, unfortunately - it only cries to syslogd(8)). [Debian] provides a ssh-copy-id(1) program which does all this automagically. Just say
-
- ssh-copy-id ''hostname''
-
-!!! Limit key use to certain machines
-
-You can tell sshd(8) to allow a certain key to be used only by certain hosts by putting the __from__ keyword with a list of globs in front of a key in __authorized_keys__. Eg:
-
- from="*.example.com,localhost" ssh-dss XXXX....base64..keyid....= username@host
-
-This will only allow this key to be used from __localhost__ and hosts in the __.example.com__ domain. You can also prefix a glob with a ! to negate it.
-
-There are lots of other options documented in the sshd(8) manpage
.
+Describe
[AuthorizedKeysFile
] here
.
