MESSAGE
DATE | 2001-11-06 |
FROM | Billy
|
SUBJECT | Re: [hangout] openssh upgrades
|
From owner-hangout-desteny-at-mrbrklyn.com Tue Nov 6 00:27:58 2001 Received: (from mdom-at-localhost) by www2.mrbrklyn.com (8.11.2/8.11.2/SuSE Linux 8.11.1-0.5) id fA65RvF20266 for hangout-desteny; Tue, 6 Nov 2001 00:27:57 -0500 Received: from mail.dadadada.net (MAIL.DADADADA.NET [209.48.2.106]) by www2.mrbrklyn.com (8.11.2/8.11.2/SuSE Linux 8.11.1-0.5) with ESMTP id fA65Rvm20260; Tue, 6 Nov 2001 00:27:57 -0500 Received: from localhost ([127.0.0.1] ident=root) by mail.dadadada.net with esmtp (Exim 3.12 #1 (Debian)) id 160yir-0005je-00; Tue, 06 Nov 2001 00:24:30 -0500 Received: from billy by localhost with local (Exim 3.12 #1 (Debian)) id 160ymf-0004VA-00; Tue, 06 Nov 2001 00:28:25 -0500 Date: Tue, 6 Nov 2001 00:28:25 -0500 From: Billy To: Ruben Safir Cc: hangout-at-nylxs.com Subject: Re: [hangout] openssh upgrades Message-ID: <20011106002825.B17213-at-dadadada.net> References: <20011101204054.A7774-at-www2.mrbrklyn.com> <20011105234139.Q13617-at-dadadada.net> <20011105235958.M19167-at-www2.mrbrklyn.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20011105235958.M19167-at-www2.mrbrklyn.com>; from ruben-at-mrbrklyn.com on Mon, Nov 05, 2001 at 11:59:58PM -0500 Sender: owner-hangout-at-mrbrklyn.com Precedence: bulk Reply-To: Billy List: New Yorkers Linux Scene Admin: To unsubscribe send unsubscribename-at-domian.com to hangout-request-at-www2.mrbrklyn.com X-Keywords: X-UID: 20415 Status: RO Content-Length: 2044 Lines: 81
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Mon, Nov 05, 2001 at 11:59:58PM -0500, Ruben Safir wrote: > Cool > > What do you use it for? Does that encrypt your whole X -Session?
I use it to get myself logged in.
ssh-agent >.agent
creates a .agent file in my home dir:
billy-at-purple:billy$ cat .agent SSH_AUTH_SOCK=/tmp/ssh-UXJ13178/agent.13178; export SSH_AUTH_SOCK; SSH_AGENT_PID=13179; export SSH_AGENT_PID; echo Agent pid 13179;
My .bashrc (run for new xterms) includes the line
. ~/.agent
Which sets the environment for the agent to be recognized by any invocation of ssh from that terminal.
ssh-agent >~/.agent . ~/.agent
These lines:
ssh-add ssh-add ~/.ssh/id_dsa add my private keys to the agent's memory.
- From this point on, I've got the ability to log into any system without passwords or passphrases, as long as my public key is in my .ssh/authorized_keys file on that server. The first thing I do when I get a new account is to set up the authorized_keys file, so I'll never need to remember/lookup my password.
Check it:
billy-at-purple:billy$ ssh www2.mrbrklyn.com Last login: Tue Nov 6 00:23:58 2001 from billyd.dialup.access.net ...etc... Have a lot of fun... billy-at-www2:~ > ssh -lbillyd panix3.panix.com Last login: Fri Oct 19 10:51:24 2001 from billyd.dialup.a NetBSD 1.5.2 (PANIX-USER) #0: Thu Oct 18 17:10:03 EDT 2001
W E L C O M E T O P A N I X
billyd-at-panix3:billyd$
The ssh-agent can securely forward my authentication channel when I leapfrog to other hosts. This makes for great firewall bust^H^H^H^Htesting.
It's just plain convenient.
- -- "The funk, the whole funk, and nothing but the funk." -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org
iD8DBQE753T3+2VvpwIZdF0RAspUAKCGyMlqYg/onk/U04p8gb73WwQNDQCeO3nW sWrtZkGv58FTeAAfTXv6DkE= =uDvV -----END PGP SIGNATURE----- ____________________________ New Yorker Linux Users Scene Fair Use - because it's either fair use or useless....
|
|