OpenSSH problems

Derald Metzger dmetz at imagelinks.com
Wed Aug 23 10:11:20 PDT 2000


>
> I am having trouble setting up OpenSSH to replace rsh. I would like =
> eliminate the use of passwords for users going between machines on a =
> guarded beowulf. What I *think* I want is to use RSA + Rhosts =
> authentication. The docs say that all I need is a /etc/hosts.equiv and =
> /etc/ssh_known_hosts. However, this doesn't seem to work. Is there =
> anyone who could give me some pointers or better yet forward a copy of =
> the config files and whatever other files I need? (feel free to munge =
> the keys... :)
>...
> Traveler Hauptman

Look for these lines in your sshd_config:

  # Don't read ~/.rhosts and ~/.shosts files
  IgnoreRhosts no

  # For this to work you will also need host keys in /etc/ssh_known_hosts
  RhostsRSAAuthentication yes

Insure that the pub keys for each host are in ssh_known_hosts.
Insure that the users' pub keys are in their ~/.ssh/authorized_keys

The above will probably get things working tho there are other gotchas,
eg protocol 1 rather than 2 (2 uses different files).
Life is fairly easy for the users if their home dir is nfs mounted so
they only have to deal with one authorized_keys file.
The sysadmin needs to put each hosts pub keys in ssh_known_hosts.

Derald






More information about the Beowulf mailing list