[PLUG] ssh pass phrase authorization

Rich Shepard rshepard at appl-ecosys.com
Thu Feb 17 15:35:50 UTC 2005


On Wed, 16 Feb 2005, Eric Wilhelm wrote:

> You mean it is asking for the pass phrase for your private key?

Eric,

   No, I mean that I am _not_ asked for my passphrase but only for my
password.

> Your public key is in the ~/.ssh/authorized_keys file on the remote
> host?

   Yes. My  public keys for all hosts are in each host's
~/.ssh/authorized_keys.

> Your ~/.ssh/authorized_keys on the remote host has the correct (600)
> permissions?

   Yes.

> You are running ssh-agent and did ssh-add "privatekeyfile" or you have a
> key in ~/.ssh/identity (mine is a symlink to my favorite private key)
> or you are using the -i "privatekeyfile" option?

   I am not running ssh-agent.

   In ~/.ssh, identity/identity_pub have a timestamp of 2000-02-18 while
id_dsa/id_dsa.pub have a timestamp of 2003-12-06.

> What error are you getting (or is it just prompting you for a pasword?)

   The latter.

> If it stopped using your key and the filename wasn't ~/.ssh/identity, it
> might be related to an X/wm upgrade (different distros seem to have
> different policies about that.)  I seem to remember something like that
> a while back where debian would automatically use ~/.ssh/id_dsa with
> ssh-agent on startx or something and (then quit?) details are fuzzy.

   Hmmm-m-m. I'm running X.org-6.8.1 on two hosts (the workstation/server)
and I don't recall if I upgraded the portables from X.org-6.7 to -6.8.1.

   My understanding of the process comes from reading Mick Bauer's book and I
know that the password is passed through the encrypted tunnel whether I'm
here or away from the office. However, using my passphrase when I'm away
from the office adds that modicum of additional security and that's why I'd
like to resolve this issue.

Thanks,

Rich

-- 
Dr. Richard B. Shepard, President
Applied Ecosystem Services, Inc. (TM)
<http://www.appl-ecosys.com>   Voice: 503-667-4517   Fax: 503-667-8863



More information about the PLUG mailing list