[rhn-users] SSH in BatchMode

Vikas Rawat vikas.rawat at tavant.com
Tue May 23 06:50:32 UTC 2006


1. Log in to the remote Linux machine once manually, to store the RSA
key of the remote machine. After completing the step, we cross-checked
and the key is rightly stored in /etc/ssh/known_hosts

[Liz] I don't have this file, never needed it. I have a
~/.ssh/known_hosts. The man file suggests it's /etc/ssh/ssh_known_hosts
[Vikas] Copied it. The file now exists at both the locations, but still
fails

2. Generate the RSA/DSA keys on the client machine and copy the public
keys on the remote machine. The public keys should be copied to a file
~/.ssh/authorized_keys on the remote machine. We have done this as well.

[Liz] If you're using ssh 2 that's authorized_keys2 btw
[Vikas] Copied it. The file now exists as both, but still fails

3. We have also changed the file/directory permission for ~/.ssh &
~/.ssh/authorized_key to be read-write for user only by executing
>chmod -R 600 .ssh

4. Additionally, we have created ~/.ssh/known_hosts at the client
machine containing the RSA public key of the remote Linux machine.

As per the documentation, we should now be able to log in on the remote
Linux machine without being prompted for the password. For us, we still
get a Permission denied error, i.e. after invoking the following command
on the client

[Liz] Does it work as just ssh usrlogin@remotemachine? E.g. without
batchmode etc.?
[Vikas] Yes. That's how we got the RSA key of the remote machine for the
first time.

>ssh -2o BatchMode=true -l <usrlogin> <remoteLinuxMachine>

[Liz] This syntax doesn't match my ssh man page, it has no idea of
BatchMode, nor -2, it has -o2 though
[Vikas] As per the following release
> rpm -q -a | egrep ssh
openssh-3.9p1-8.RHEL4.9
openssh-askpass-3.9p1-8.RHEL4.9
openssh-clients-3.9p1-8.RHEL4.9
openssh-askpass-gnome-3.9p1-8.RHEL4.9
openssh-server-3.9p1-8.RHEL4.9

The 'man' page for ssh says
SYNOPSIS
     ssh [-1246AaCfgkMNnqsTtVvXxY] [-b bind_address] [-c cipher_spec]
         [-D port] [-e escape_char] [-F configfile] [-i identity_file]
         [-L port:host:hostport] [-l login_name] [-m mac_spec] [-o option]
         [-p port] [-R port:host:hostport] [-S ctl] [user@]hostname [command]

Where 
     -2      Forces ssh to try protocol version 2 only.
     -o option
             Can be used to give options in the format used in the
             configuration file.  This is useful for specifying options
             for which there is no separate command-line flag.  For full
             details of the options listed below, and their possible
             values, see ssh_config(5).
                   ...
                   BatchMode
                   ...
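
Steps 2 and 3 above depend on two things: the account must be able to open ~/.ssh/authorized_keys, and sshd's StrictModes check must accept the modes on the path. The script below is an added example, not part of the original message, that audits both. It assumes GNU stat, and the names check_ssh_perms and demo are made up here.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes GNU stat (as on RHEL).
# check_ssh_perms and demo are names made up for this illustration.

mode_of() { stat -c '%a' "$1" 2>/dev/null; }   # octal permission bits

# Print one line per finding; return 0 if clean, 1 otherwise.
check_ssh_perms() {
    dir=$1; bad=0
    dm=$(mode_of "$dir") || { echo "missing: $dir"; return 1; }
    # Without the owner's search (x) bit, no file in the directory can be opened.
    if [ $(( 0$dm & 0100 )) -eq 0 ]; then
        echo "$dir is $dm: owner has no x bit, keys inside are unreachable"; bad=1
    fi
    # sshd with StrictModes refuses key files under group/other-writable paths.
    if [ $(( 0$dm & 022 )) -ne 0 ]; then
        echo "$dir is $dm: writable by group or other"; bad=1
    fi
    f=$dir/authorized_keys
    if fm=$(mode_of "$f"); then
        [ $(( 0$fm & 0400 )) -ne 0 ] || { echo "$f is $fm: owner cannot read"; bad=1; }
        [ $(( 0$fm & 022 )) -eq 0 ] || { echo "$f is $fm: writable by group or other"; bad=1; }
    else
        echo "$f: cannot stat (missing, or directory not searchable)"; bad=1
    fi
    return $bad
}

# Constructed demo: a scratch directory left in the state step 3 produces.
demo() {
    d=$(mktemp -d) && mkdir "$d/.ssh" && : > "$d/.ssh/authorized_keys"
    chmod 600 "$d/.ssh/authorized_keys" && chmod 600 "$d/.ssh"
    check_ssh_perms "$d/.ssh"; rc=$?
    chmod 700 "$d/.ssh" && rm -rf "$d"
    return $rc
}
demo || echo "expected layout: chmod 700 ~/.ssh; chmod 600 ~/.ssh/authorized_keys"
```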

