[CS-FSLUG] Using SSH
Don Parris
gnumathetes at gmail.com
Thu Oct 14 09:47:13 CDT 2004
On Thu, 14 Oct 2004 10:38:47 -0400, K Montgomery <keltik at albany.edu> wrote:
> SSH keys and X forwarding -- like peanut butter and jelly! (Unless you
> have a nut allergy.)
>
> Once you get the hang of these together, you'll have a blast.
>
> On Thu, 2004-10-14 at 02:19 -0400, Don Parris wrote:
> > I'd like to play with the remote X session, but am not quite sure how
> > this concept works. I need to understand what is needed on the remote
> > host and what is needed on the local host. Frankly, the documentation
> > I've seen just confuses me. I've got the /etc/ssh/ssh_config file set
> > to forward X11 and use password authentication so far (on one host).
> >
> > Thanks in advance for the clarifications,
> > Don
>
> Like Josiah said, allowing the SSH daemon to forward X is as simple as a
> configuration change. On the remote server add the line "X11Forwarding
> yes" to the /etc/ssh/sshd_config file. When making the SSH connection,
> use "ssh -X" in your command line to request X11 forwarding on the
> client side; or insert the line "ForwardX11 yes" in your
> local /etc/ssh/ssh_config to make it the default.
>
> X forwarding through SSH is quite a blessing. Even better is
> passwordless login using SSH keys.
>
> On Thu, 2004-10-14 at 02:19 -0400, Don Parris wrote:
> > I gather the process is something like:
> > (1) Run ssh-keygen - give pass phrase & filename (opt)
> > (2) Copy or e-mail public key to remote host & place in
> > ~/.ssh/authorized_keys2
>
> That's right. But you'll still be asked for your passphrase when you
> try to log in (if there is one, I guess). To go passwordless, you need
> to run "ssh-agent" at the beginning of your local login session -- the
> purpose of this agent is to hold on to your private SSH keys. Then run
> "ssh-add" to add your keys to the agent. You enter your passphrase once
> to add the keys, and you don't have to enter it again for the remainder
> of your session. This makes remote logins a breeze!
>
> I use gdm and GNOME in Mandrake 10.1. There's code
> in /etc/X11/gdm/Xsession that automatically starts the agent. All I do
> is add /usr/bin/ssh-add to my startup programs, and I'm asked for my
> passphrase when I log into GNOME. I'm not sure how you'd set that up on
> your machine, but I don't think it would be hard to figure out.
>
Thanks. I'm sure it would be about the same. I have to admit, I
might not have thought of adding ssh-add to the start-up programs.
Welly, welly, clever! ;)
--
DC Parris GNU Evangelist
http://matheteuo.org/
gnumathetes at gmail.com
Free software is like God's love -
you can share it with anyone anywhere anytime!
More information about the Christiansource
mailing list