How to set up ssh connection to another system using "Passwords and Encryption Keys"?

Chris G cl at isbd.net
Fri Dec 18 11:10:02 UTC 2009 

On Fri, Dec 18, 2009 at 10:25:52PM +1300, Tim Frost wrote:
> On Thu, 2009-12-17 at 17:03 +0000, Chris G wrote:
> > Can anyone point me at some instructions which show how to set up an
> > ssh connection using the Passwords/Keys kept in "Passwords and
> > Encryption Keys" (that's actually seahorse).
> 
> If you have an SSH user key that is loaded, then you can use that key
> for any/all hosts that you want to log in to.  On the initiating side,
> there are several factors that need to be considered:
> 1: If the remote end needs particular settings, they can be
>        set in .ssh/config:
>   - you can set the remote userid
>   - you can force the SSH protocol version
>   - you can explicitly force the X11 and pot forwarding settings
> 
> 2: To get 'passwordless' authentication, you need to ensure that the
> public key matching the private SSH key loaded into seahorse (or an
> alternative SSH key agent) is in place for all servers that you need
> access to.  Servers that run openssh support this, with a list of SSH
> public keys in file '$HOME/.ssh/authorized_keys', which can be used to
> log in without supplying a password
> 
> Ubuntu provides a tool, ssh-copy-id,  which takes the list of private
> keys in your agent (which may be seahorse, ssh-agent or an alternative
> program), and appending the corresponding public keys to the file
> '.ssh/authorized_keys' on the server.  That tool asks once for your
> password on the server.
> 
> 
> If the correct key (or keys) have been copied, then you should be able
> to use SSH to access the remote system without providing the password
> for the remote system.
> 
Yes, I understand the ssh basics.  In addition I can now confirm that
seahorse does its job correctly, creates the keys and puts them in the
right places.  What *doesn't* work at all is gnome-keyring-daemon
which is supposed to replace ssh-agent.  It's all very broken on my
xubuntu 9.10 system and I suspect it's not much different on ubuntu 9.10.

There are two problems.  Firstly by default (I think) you end up with
both ssh-agent *and* gnome-keyring-daemon running which is decidedly
not a good idea.

So I've configured ssh-agent not to run.  It then turns out that
gnome-keyring-daemon isn't set up to work as a ssh-agent replacement,
I'm still working on getting that side of things working.  I have now
at least got to the stage where running ssh pops up a window asking
for my ssh key passphrase.  What I'm ultimately after is getting it
all to work completely transparently using my login password as the
ssh key passphrase.
> 
>  
> > 
> > I've hunted and hunted but can't find anywhere that gives step by step
> > instructions on how to do it.  E.g. I want something like:-
> > 
> >     1 - Create a new XXX entry in "Passwords and Encryption Keys"
> >     2 - Copy the public key to the remote system
> >     3 - Logout and log back in again
> >     4 - ssh to the remote system should now work 'passwordless'
> > 
> > I need to know what needs to be installed and running on the system as
> > well as a "what the user does" sequence.  Currently I have done
> > something like the sequence outlined above but it simply doesn't work
> > at all.
> > 
> > -- 
> > Chris Green
> > 
> > 
> 
> 
> -- 
> Tim Frost <timfrost at xtra.co.nz>
> 
> 
> -- 
> ubuntu-users mailing list
> ubuntu-users at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users

-- 
Chris Green

More information about the ubuntu-users mailing list