This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Setting up SSH keys for password less connections for sftp


Good Afternoon,

Thanks for your response. I have tried to work through both you answer and
the solution you provided in the web link. So far I am still unable to get
the passwordless connection to work.

Here is my setup:
Windows 2000 server. Windows user name is colibri. I have generated the RSA
keys which were created in the c:\Documents and Settings\colibri\.ssh
directory (id_rsa & id_rsa.pub).

The user that I wish to connect to on the HP UX server is applmgr. So I take
the id_rsa.pub file and copy it to the HPUX server. It was placed in the
/u02/app/applmgr/.ssh directly and named authorized_keys.

Supposedly once this is done I should be able to connect to the HPUX server
from the Windows server as applmgr via ssh or sftp (example : sftp
applmgr@finprod1 ) without being asked for a password... correct? I am still
prompted for a password.

Or is this process assuming that I have identical users on both servers with
identical passwords?
I am sure this is a very simple setup and that I am missing something
simple.

Please help me clarify the situation and/or point out my problem.

Thanks again for you help,
Chris Shehan


-----Original Message-----
From: cygwin-owner@cygwin.com [mailto:cygwin-owner@cygwin.com]On Behalf
Of Ken Dibble
Sent: Wednesday, August 18, 2004 11:36 AM
To: cygwin
Subject: Re: Setting up SSH keys for password less connections for sftp


from
man ssh

-----
 The file $HOME/.ssh/authorized_keys lists the public keys that are per-
     mitted for logging in.


ssh implements the RSA authentication protocol automatically.  The user
     creates his/her RSA key pair by running ssh-keygen(1).  This stores the
     private key in $HOME/.ssh/identity and stores the public key in
     $HOME/.ssh/identity.pub in the user's home directory.  The user should
     then copy the identity.pub to $HOME/.ssh/authorized_keys in his/her
home
directory on the remote machine (the authorized_keys file corresponds to
     the conventional $HOME/.rhosts file, and has one key per line,
though the
     lines can be very long).  After this, the user can log in without
giving
     the password.
-----

My personal opinion is that the last line causes a bit of confusion for
some users,
as giving a non-null passphrase when  the specified key is generated
causes the user
to have to enter the passphrase (which can be  interpreted as a request for
the password).

this link may also provide some useful information

http://cricket.ecs.umass.edu/~czou/linux/backupSSH.html


Chris Shehan wrote:

>Hello,
>
>I am attempting to replace an automated ftp process with sftp. This ftp
>process , which runs on a Windows 2000 server, grabs EDI files from our
HPUX
>11.0 server every 10 minutes and places then on the EDI Server. I would
like
>to modify this process to use sftp and use the SSH keys for password less
>connections ..i.e. public key authentication.
>
>So far I have installed and tested SSH on the HPUX 11.0 server. I have also
>installed cygwin on the Windows 2000 server and preformed a successful test
>using sftp. The next step is to setup the public key authentication so that
>I can use sftp in the automated ftp process.
>
>I have Google'd the net and searched the archives of this list but have not
>been able to find any good documentation that shows me exactly what needs
to
>be done in order to get the authentication working in my environment (mix
of
>Windows and UNIX). So far I have been able to generate the private and
>public keys for both servers as show below:
>
>HPUX 11.0 - ssh-keygen -t dsa -f hp_sftp_user
>This command create the following files hp_sftp_user & hp_sftp_user.pub
>
>Windows / CYGWIN - ssh -keygen -t dsa -P ""
>This was an interactive session and I was asked for the file names.
>win2k_sftp and win2k_sftp.pub were generated.
>
>** Please let me know if there are better ways to generate the above keys
>..including any additional options I may need.
>
>If the above mentioned keys are workable ... I now need a solution that
will
>allow me to put these files to use on both the HPUX and Windows servers so
I
>will be able to use password less connections .. which is especially need
>for the scheduled ftp process running on Windows.
>
>Thanks in advance for you help,
>Chris Shehan
>
>
>


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/




--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]