MESSAGE
| DATE | 2001-11-06 |
| FROM | Billy
|
| SUBJECT | Re: [hangout] openssh upgrades
|
From owner-hangout-desteny-at-mrbrklyn.com Tue Nov 6 00:27:58 2001
Received: (from mdom-at-localhost)
by www2.mrbrklyn.com (8.11.2/8.11.2/SuSE Linux 8.11.1-0.5) id fA65RvF20266
for hangout-desteny; Tue, 6 Nov 2001 00:27:57 -0500
Received: from mail.dadadada.net (MAIL.DADADADA.NET [209.48.2.106])
by www2.mrbrklyn.com (8.11.2/8.11.2/SuSE Linux 8.11.1-0.5) with ESMTP id fA65Rvm20260;
Tue, 6 Nov 2001 00:27:57 -0500
Received: from localhost ([127.0.0.1] ident=root)
by mail.dadadada.net with esmtp (Exim 3.12 #1 (Debian))
id 160yir-0005je-00; Tue, 06 Nov 2001 00:24:30 -0500
Received: from billy by localhost with local (Exim 3.12 #1 (Debian))
id 160ymf-0004VA-00; Tue, 06 Nov 2001 00:28:25 -0500
Date: Tue, 6 Nov 2001 00:28:25 -0500
From: Billy
To: Ruben Safir
Cc: hangout-at-nylxs.com
Subject: Re: [hangout] openssh upgrades
Message-ID: <20011106002825.B17213-at-dadadada.net>
References: <20011101204054.A7774-at-www2.mrbrklyn.com> <20011105234139.Q13617-at-dadadada.net> <20011105235958.M19167-at-www2.mrbrklyn.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <20011105235958.M19167-at-www2.mrbrklyn.com>; from ruben-at-mrbrklyn.com on Mon, Nov 05, 2001 at 11:59:58PM -0500
Sender: owner-hangout-at-mrbrklyn.com
Precedence: bulk
Reply-To: Billy
List: New Yorkers Linux Scene
Admin: To unsubscribe send unsubscribename-at-domian.com to hangout-request-at-www2.mrbrklyn.com
X-Keywords:
X-UID: 20415
Status: RO
Content-Length: 2044
Lines: 81
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Mon, Nov 05, 2001 at 11:59:58PM -0500, Ruben Safir wrote:
> Cool
>
> What do you use it for? Does that encrypt your whole X -Session?
I use it to get myself logged in.
ssh-agent >.agent
creates a .agent file in my home dir:
billy-at-purple:billy$ cat .agent
SSH_AUTH_SOCK=/tmp/ssh-UXJ13178/agent.13178; export SSH_AUTH_SOCK;
SSH_AGENT_PID=13179; export SSH_AGENT_PID;
echo Agent pid 13179;
My .bashrc (run for new xterms) includes the line
. ~/.agent
Which sets the environment for the agent to be recognized
by any invocation of ssh from that terminal.
ssh-agent >~/.agent
. ~/.agent
These lines:
ssh-add ssh-add ~/.ssh/id_dsa
add my private keys to the agent's memory.
- From this point on, I've got the ability
to log into any system without passwords or passphrases,
as long as my public key is in my .ssh/authorized_keys
file on that server. The first thing I do when I get
a new account is to set up the authorized_keys file,
so I'll never need to remember/lookup my password.
Check it:
billy-at-purple:billy$ ssh www2.mrbrklyn.com
Last login: Tue Nov 6 00:23:58 2001 from billyd.dialup.access.net
...etc...
Have a lot of fun...
billy-at-www2:~ > ssh -lbillyd panix3.panix.com
Last login: Fri Oct 19 10:51:24 2001 from billyd.dialup.a
NetBSD 1.5.2 (PANIX-USER) #0: Thu Oct 18 17:10:03 EDT 2001
W E L C O M E T O P A N I X
billyd-at-panix3:billyd$
The ssh-agent can securely forward my authentication channel when I leapfrog to
other hosts. This makes for great firewall bust^H^H^H^Htesting.
It's just plain convenient.
- --
"The funk, the whole funk, and nothing but the funk."
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE753T3+2VvpwIZdF0RAspUAKCGyMlqYg/onk/U04p8gb73WwQNDQCeO3nW
sWrtZkGv58FTeAAfTXv6DkE=
=uDvV
-----END PGP SIGNATURE-----
____________________________
New Yorker Linux Users Scene
Fair Use -
because it's either fair use or useless....
|
|
