|
| PORTAIL | ANNUAIRE | ARTICLES | COMPARATEUR HÉBERGEURS | DEVIS | FORUMS | RÉDUCTEUR D'URL |
|
|
|
|
||||||
| comp.security.ssh SSH secure remote login and tunneling tools. |
 |
|
|
LinkBack | Outils de la discussion |
30/10/2006, 18h21
|
#1 |
Messages: n/a
Hébergeur: |
using ssh-keygen to create identical keys
Hello,
I have 5 clients which are connected to three server; this network is for testing and it not (AND WILL NOT!) be connected to the internet. Now: becuase this is for testing, some machines are dual boot; also quite frequently we install OS on these machines. Theses machines have flavors of linux, and there is also solaris. My question is: we do work a lot with ssh. If on the client side you run : ssh-keygen -t rsa it generates 2 files: id_rsa id_rsa.pub then if you copy id_rsa.pub to the server renaming it to authorized_keys2 (no need to restart the ssh daemon on the server!), than next time you will run ssh from a client to a server than it will connect directly, without need for a password. Is there a way that all these clients will have the same key? (so that on the server, a certain, common authorized_keys2 file will be used, hopefully with only one line). Or is there some other way to cause all the clients to be able to connect without a password to all the servers ? As I said, there is no fear of being attacked from outside as this net is isoalted from the outer world. Regard, MR |
|
|
30/10/2006, 18h59
|
#2 |
|
Messages: n/a
Hébergeur: |
Re: using ssh-keygen to create identical keys
markryde@gmail.com wrote:
> Hello, > I have 5 clients which are connected to three server; this network is > for testing and > it not (AND WILL NOT!) be connected to the internet. > Now: becuase this is for testing, some machines are dual boot; also > quite frequently we > install OS on these machines. Theses machines have flavors of linux, > and there is also solaris. > My question is: we do work a lot with ssh. > If on the client side you run : ssh-keygen -t rsa > it generates 2 files: > id_rsa id_rsa.pub > then if you copy id_rsa.pub to the server renaming it to > authorized_keys2 > (no need to restart the ssh daemon on the server!), than next time you > will run ssh from a client to a server than it will connect directly, > without need for a password. > > > Is there a way that all these clients will have the same key? > (so that on the server, a certain, common authorized_keys2 file will be > used, hopefully > with only one line). > Or is there some other way to cause all the clients to be able to > connect without a password > to all the servers ? > > As I said, there is no fear of being attacked from outside as this net > is isoalted from > the outer world. > Regard, > MR > Yes there is a way. You generate the keys on one machine and copy them to all the others. I would not do it though. I think it's generally a good practice for each person to have their own keypair. Also do not copy the public key to authorized_keys2. That overwrites it. Use authorized_keys (keys2 is obsolete) instead and concatenate the keys to the file, one line per key. This is how authorized_keys is designed to work. It holds multiple keys, not just one. |
|
|
|
30/10/2006, 21h40
|
#3 |
|
Messages: n/a
Hébergeur: |
Re: using ssh-keygen to create identical keys
You can set up hostbased authentication for the network. - Richard |
|
|
|
| Outils de la discussion | |
|
|
