[CS-FSLUG] Using SSH

[Don Parris]

On Thu, 14 Oct 2004 10:38:47 -0400, K Montgomery <keltik at albany.edu> wrote:
> SSH keys and X forwarding -- like peanut butter and jelly! (Unless you
> have a nut allergy.)
> 
> Once you get the hang of these together, you'll have a blast.
> 
> On Thu, 2004-10-14 at 02:19 -0400, Don Parris wrote:
> > I'd like to play with the remote X session, but am not quite sure how
> > this concept works.  I need to understand what is needed on the remote
> > host and what is needed on the local host.  Frankly, the documentation
> > I've seen just confuses me.  I've got the /etc/ssh/ssh_config file set
> > to forward X11 and use password authentication so far (on one host).
> >
> > Thanks in advance for the clarifications,
> > Don
> 
> Like Josiah said, allowing the SSH daemon to forward X is as simple as a
> configuration change.  On the remote server add the line "X11Forwarding
> yes" to the /etc/ssh/sshd_config file.  When making the SSH connection,
> use "ssh -X" in your command line to request X11 forwarding on the
> client side; or insert the line "ForwardX11 yes" in your
> local /etc/ssh/ssh_config to make it the default.
> 
> X forwarding through SSH is quite a blessing.  Even better is
> passwordless login using SSH keys.
> 
> On Thu, 2004-10-14 at 02:19 -0400, Don Parris wrote:
> > I gather the process is something like:
> > (1) Run ssh-keygen - give pass phrase & filename (opt)
> > (2) Copy or e-mail public key to remote host & place in
> > ~/.ssh/authorized_keys2
> 
> That's right.  But you'll still be asked for your passphrase when you
> try to log in (if there is one, I guess).  To go passwordless, you need
> to run "ssh-agent" at the beginning of your local login session -- the
> purpose of this agent is to hold on to your private SSH keys.  Then run
> "ssh-add" to add your keys to the agent.  You enter your passphrase once
> to add the keys, and you don't have to enter it again for the remainder
> of your session.  This makes remote logins a breeze!
> 
> I use gdm and GNOME in Mandrake 10.1.  There's code
> in  /etc/X11/gdm/Xsession that automatically starts the agent.  All I do
> is add /usr/bin/ssh-add to my startup programs, and I'm asked for my
> passphrase when I log into GNOME.  I'm not sure how you'd set that up on
> your machine, but I don't think it would be hard to figure out.
> 
Thanks.  I'm sure it would be about the same.  I have to admit, I
might not have thought of adding ssh-add to the start-up programs. 
Welly, welly, clever! ;)


-- 
DC Parris GNU Evangelist
http://matheteuo.org/
gnumathetes at gmail.com
Free software is like God's love - 
you can share it with anyone anywhere anytime!