I have my SSH set up to use only public key authentication between my
laptop and my remote host--no password fallback, no PAM. So, I
initiate a session using:

$ ssh -i .ssh/id_remote remote.host.ip.address

Then I am prompted for the password of the .ssh/id_remote file which
resides on the laptop.

This works well (X11 Forwarding even!), but when I've tried Midnight
Commander or Konqueror using the fish protocol, I get errors. In
experimenting, it appears to me that fish only uses password
authentication. How can I make this work with public key only as I'm
using?

I want to keep my SSH access as secure as possible by using only public
key authentication.

- Nate >>

--
Wireless | Amateur Radio Station N0NB | Successfully Microsoft
Amateur radio exams; ham radio; Linux info @ | free since January 1998.
http://www.qsl.net/n0nb/ | "Debian, the choice of
My Kawasaki KZ-650 SR @ | a GNU generation!"
http://www.networksplus.net/n0nb/ | http://www.debian.org


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

On 8/17/07, Nate Bargmann <n0nb@networksplus.net> wrote:
> I have my SSH set up to use only public key authentication between my
> laptop and my remote host--no password fallback, no PAM. So, I
> initiate a session using:
>
> $ ssh -i .ssh/id_remote remote.host.ip.address
>
> Then I am prompted for the password of the .ssh/id_remote file which
> resides on the laptop.
>
> This works well (X11 Forwarding even!), but when I've tried Midnight
> Commander or Konqueror using the fish protocol, I get errors. In
> experimenting, it appears to me that fish only uses password
> authentication. How can I make this work with public key only as I'm
> using?
>
> I want to keep my SSH access as secure as possible by using only public
> key authentication.

Use sshfs

Regards,
Atis

--
Atis Lezdins,
IT Responsible of BEST Riga,
atis@BEST.eu.org
ICQ: 142239285
Skype: atis.lezdins
Cell Phone: +371 28806004 [Tele2, Latvia]
Work phone: +1 800 7502835 [Toll free, USA]
?BEST? -> www.BEST.eu.org


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

On 8/17/07, Nate Bargmann <n0nb@networksplus.net> wrote:
> I have my SSH set up to use only public key authentication between my
> laptop and my remote host--no password fallback, no PAM. So, I
> initiate a session using:
>
> $ ssh -i .ssh/id_remote remote.host.ip.address
>
> Then I am prompted for the password of the .ssh/id_remote file which
> resides on the laptop.
>
> This works well (X11 Forwarding even!), but when I've tried Midnight
> Commander or Konqueror using the fish protocol, I get errors. In
> experimenting, it appears to me that fish only uses password
> authentication. How can I make this work with public key only as I'm
> using?
>
> I want to keep my SSH access as secure as possible by using only public
> key authentication.

Use sshfs

Regards,
Atis

--
Atis Lezdins,
IT Responsible of BEST Riga,
atis@BEST.eu.org
ICQ: 142239285
Skype: atis.lezdins
Cell Phone: +371 28806004 [Tele2, Latvia]
Work phone: +1 800 7502835 [Toll free, USA]
?BEST? -> www.BEST.eu.org


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

* Atis <atis@BEST.eu.org> [2007 Aug 17 10:55 -0500]:
> On 8/17/07, Nate Bargmann <n0nb@networksplus.net> wrote:
> > I have my SSH set up to use only public key authentication between my
> > laptop and my remote host--no password fallback, no PAM. So, I
> > initiate a session using:
> >
> > $ ssh -i .ssh/id_remote remote.host.ip.address
> >
> > Then I am prompted for the password of the .ssh/id_remote file which
> > resides on the laptop.
> >
> > This works well (X11 Forwarding even!), but when I've tried Midnight
> > Commander or Konqueror using the fish protocol, I get errors. In
> > experimenting, it appears to me that fish only uses password
> > authentication. How can I make this work with public key only as I'm
> > using?
> >
> > I want to keep my SSH access as secure as possible by using only public
> > key authentication.
>
> Use sshfs

That still doesn't work. I get:

read: Connection reset by peer

It doesn't seem to be able to let me specify a path to the
~/.ssh/id_remote file and then prompt for a password like the -i option
of ssh. It does work okay with a host that uses the default id_r|dsa
filename, but I use a different key for different hosts and must
specify the correct key to ssh. Does sshfs support this?

Ideas?

- Nate >>

--
Wireless | Amateur Radio Station N0NB | Successfully Microsoft
Amateur radio exams; ham radio; Linux info @ | free since January 1998.
http://www.qsl.net/n0nb/ | "Debian, the choice of
My Kawasaki KZ-650 SR @ | a GNU generation!"
http://www.networksplus.net/n0nb/ | http://www.debian.org


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

* Atis <atis@BEST.eu.org> [2007 Aug 17 10:55 -0500]:
> On 8/17/07, Nate Bargmann <n0nb@networksplus.net> wrote:
> > I have my SSH set up to use only public key authentication between my
> > laptop and my remote host--no password fallback, no PAM. So, I
> > initiate a session using:
> >
> > $ ssh -i .ssh/id_remote remote.host.ip.address
> >
> > Then I am prompted for the password of the .ssh/id_remote file which
> > resides on the laptop.
> >
> > This works well (X11 Forwarding even!), but when I've tried Midnight
> > Commander or Konqueror using the fish protocol, I get errors. In
> > experimenting, it appears to me that fish only uses password
> > authentication. How can I make this work with public key only as I'm
> > using?
> >
> > I want to keep my SSH access as secure as possible by using only public
> > key authentication.
>
> Use sshfs

That still doesn't work. I get:

read: Connection reset by peer

It doesn't seem to be able to let me specify a path to the
~/.ssh/id_remote file and then prompt for a password like the -i option
of ssh. It does work okay with a host that uses the default id_r|dsa
filename, but I use a different key for different hosts and must
specify the correct key to ssh. Does sshfs support this?

Ideas?

- Nate >>

--
Wireless | Amateur Radio Station N0NB | Successfully Microsoft
Amateur radio exams; ham radio; Linux info @ | free since January 1998.
http://www.qsl.net/n0nb/ | "Debian, the choice of
My Kawasaki KZ-650 SR @ | a GNU generation!"
http://www.networksplus.net/n0nb/ | http://www.debian.org


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

On Fri, Aug 17, 2007 at 01:10:26PM -0500, Nate Bargmann wrote:
> * Atis <atis@BEST.eu.org> [2007 Aug 17 10:55 -0500]:
> > On 8/17/07, Nate Bargmann <n0nb@networksplus.net> wrote:
> > > I have my SSH set up to use only public key authentication between my
> > > laptop and my remote host--no password fallback, no PAM. So, I
> > > initiate a session using:
> > >
> > > $ ssh -i .ssh/id_remote remote.host.ip.address
> > >
> > > Then I am prompted for the password of the .ssh/id_remote file which
> > > resides on the laptop.
> > >
> > > This works well (X11 Forwarding even!), but when I've tried Midnight
> > > Commander or Konqueror using the fish protocol, I get errors. In
> > > experimenting, it appears to me that fish only uses password
> > > authentication. How can I make this work with public key only as I'm
> > > using?
> > >
> > > I want to keep my SSH access as secure as possible by using only public
> > > key authentication.

I use ssh access to the remote debian system with RSA public key.

I can use Midnight Commander to access remote directories with fish; then I
must to enter the remote password for the remote user and the / directory is
open for me.

In MC I open a Shell connection,
give the remote user@system /#sh:remote_user-name@remote_host-name
enter the password for that remote user, and open the remote / directory.

--
Regards, Paul Csanyi
http://www.freewebs.com/csanyi-pal/index.htm


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

On Fri, Aug 17, 2007 at 01:10:26PM -0500, Nate Bargmann wrote:
> * Atis <atis@BEST.eu.org> [2007 Aug 17 10:55 -0500]:
> > On 8/17/07, Nate Bargmann <n0nb@networksplus.net> wrote:
> > > I have my SSH set up to use only public key authentication between my
> > > laptop and my remote host--no password fallback, no PAM. So, I
> > > initiate a session using:
> > >
> > > $ ssh -i .ssh/id_remote remote.host.ip.address
> > >
> > > Then I am prompted for the password of the .ssh/id_remote file which
> > > resides on the laptop.
> > >
> > > This works well (X11 Forwarding even!), but when I've tried Midnight
> > > Commander or Konqueror using the fish protocol, I get errors. In
> > > experimenting, it appears to me that fish only uses password
> > > authentication. How can I make this work with public key only as I'm
> > > using?
> > >
> > > I want to keep my SSH access as secure as possible by using only public
> > > key authentication.

I use ssh access to the remote debian system with RSA public key.

I can use Midnight Commander to access remote directories with fish; then I
must to enter the remote password for the remote user and the / directory is
open for me.

In MC I open a Shell connection,
give the remote user@system /#sh:remote_user-name@remote_host-name
enter the password for that remote user, and open the remote / directory.

--
Regards, Paul Csanyi
http://www.freewebs.com/csanyi-pal/index.htm


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

* Nate Bargmann <n0nb@networksplus.net> [2007 Aug 17 13:11 -0500]:
> * Atis <atis@BEST.eu.org> [2007 Aug 17 10:55 -0500]:
> > On 8/17/07, Nate Bargmann <n0nb@networksplus.net> wrote:
> > > I have my SSH set up to use only public key authentication between my
> > > laptop and my remote host--no password fallback, no PAM. So, I
> > > initiate a session using:
> > >
> > > $ ssh -i .ssh/id_remote remote.host.ip.address
> > >
> > > Then I am prompted for the password of the .ssh/id_remote file which
> > > resides on the laptop.
> > >
> > > This works well (X11 Forwarding even!), but when I've tried Midnight
> > > Commander or Konqueror using the fish protocol, I get errors. In
> > > experimenting, it appears to me that fish only uses password
> > > authentication. How can I make this work with public key only as I'm
> > > using?
> > >
> > > I want to keep my SSH access as secure as possible by using only public
> > > key authentication.
> >
> > Use sshfs
>
> That still doesn't work. I get:
>
> read: Connection reset by peer
>
> It doesn't seem to be able to let me specify a path to the
> ~/.ssh/id_remote file and then prompt for a password like the -i option
> of ssh. It does work okay with a host that uses the default id_r|dsa
> filename, but I use a different key for different hosts and must
> specify the correct key to ssh. Does sshfs support this?
>
> Ideas?

Well, as is usual, I solved it via Google. Here is what I needed to do:

sshfs ip.address.of.host: mountpoint -o IdentityFile="~/.ssh/id_remote"

The reference from the sshfs output and manpage is a bit obscure
refering the reader to the ssh_config man page for ssh option where
IdentityFile is described.

Works like a hose!

- Nate >>

--
Wireless | Amateur Radio Station N0NB | Successfully Microsoft
Amateur radio exams; ham radio; Linux info @ | free since January 1998.
http://www.qsl.net/n0nb/ | "Debian, the choice of
My Kawasaki KZ-650 SR @ | a GNU generation!"
http://www.networksplus.net/n0nb/ | http://www.debian.org


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

* Nate Bargmann <n0nb@networksplus.net> [2007 Aug 17 13:11 -0500]:
> * Atis <atis@BEST.eu.org> [2007 Aug 17 10:55 -0500]:
> > On 8/17/07, Nate Bargmann <n0nb@networksplus.net> wrote:
> > > I have my SSH set up to use only public key authentication between my
> > > laptop and my remote host--no password fallback, no PAM. So, I
> > > initiate a session using:
> > >
> > > $ ssh -i .ssh/id_remote remote.host.ip.address
> > >
> > > Then I am prompted for the password of the .ssh/id_remote file which
> > > resides on the laptop.
> > >
> > > This works well (X11 Forwarding even!), but when I've tried Midnight
> > > Commander or Konqueror using the fish protocol, I get errors. In
> > > experimenting, it appears to me that fish only uses password
> > > authentication. How can I make this work with public key only as I'm
> > > using?
> > >
> > > I want to keep my SSH access as secure as possible by using only public
> > > key authentication.
> >
> > Use sshfs
>
> That still doesn't work. I get:
>
> read: Connection reset by peer
>
> It doesn't seem to be able to let me specify a path to the
> ~/.ssh/id_remote file and then prompt for a password like the -i option
> of ssh. It does work okay with a host that uses the default id_r|dsa
> filename, but I use a different key for different hosts and must
> specify the correct key to ssh. Does sshfs support this?
>
> Ideas?

Well, as is usual, I solved it via Google. Here is what I needed to do:

sshfs ip.address.of.host: mountpoint -o IdentityFile="~/.ssh/id_remote"

The reference from the sshfs output and manpage is a bit obscure
refering the reader to the ssh_config man page for ssh option where
IdentityFile is described.

Works like a hose!

- Nate >>

--
Wireless | Amateur Radio Station N0NB | Successfully Microsoft
Amateur radio exams; ham radio; Linux info @ | free since January 1998.
http://www.qsl.net/n0nb/ | "Debian, the choice of
My Kawasaki KZ-650 SR @ | a GNU generation!"
http://www.networksplus.net/n0nb/ | http://www.debian.org


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

* Csányi Pál <csanyipal@csanyi-pal.info> [2007 Aug 17 13:31 -0500]:
> On Fri, Aug 17, 2007 at 01:10:26PM -0500, Nate Bargmann wrote:
> > * Atis <atis@BEST.eu.org> [2007 Aug 17 10:55 -0500]:
> > > On 8/17/07, Nate Bargmann <n0nb@networksplus.net> wrote:
> > > > I have my SSH set up to use only public key authentication between my
> > > > laptop and my remote host--no password fallback, no PAM. So, I
> > > > initiate a session using:
> > > >
> > > > $ ssh -i .ssh/id_remote remote.host.ip.address
> > > >
> > > > Then I am prompted for the password of the .ssh/id_remote file which
> > > > resides on the laptop.
> > > >
> > > > This works well (X11 Forwarding even!), but when I've tried Midnight
> > > > Commander or Konqueror using the fish protocol, I get errors. In
> > > > experimenting, it appears to me that fish only uses password
> > > > authentication. How can I make this work with public key only as I'm
> > > > using?
> > > >
> > > > I want to keep my SSH access as secure as possible by using only public
> > > > key authentication.
>
> I use ssh access to the remote debian system with RSA public key.
>
> I can use Midnight Commander to access remote directories with fish; then I
> must to enter the remote password for the remote user and the / directory is
> open for me.
>
> In MC I open a Shell connection,
> give the remote user@system /#sh:remote_user-name@remote_host-name
> enter the password for that remote user, and open the remote / directory.

Are you using public key authentication and have password login
disabled as well? That's my setup.

- Nate >>

--
Wireless | Amateur Radio Station N0NB | Successfully Microsoft
Amateur radio exams; ham radio; Linux info @ | free since January 1998.
http://www.qsl.net/n0nb/ | "Debian, the choice of
My Kawasaki KZ-650 SR @ | a GNU generation!"
http://www.networksplus.net/n0nb/ | http://www.debian.org


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

* Csányi Pál <csanyipal@csanyi-pal.info> [2007 Aug 17 13:31 -0500]:
> On Fri, Aug 17, 2007 at 01:10:26PM -0500, Nate Bargmann wrote:
> > * Atis <atis@BEST.eu.org> [2007 Aug 17 10:55 -0500]:
> > > On 8/17/07, Nate Bargmann <n0nb@networksplus.net> wrote:
> > > > I have my SSH set up to use only public key authentication between my
> > > > laptop and my remote host--no password fallback, no PAM. So, I
> > > > initiate a session using:
> > > >
> > > > $ ssh -i .ssh/id_remote remote.host.ip.address
> > > >
> > > > Then I am prompted for the password of the .ssh/id_remote file which
> > > > resides on the laptop.
> > > >
> > > > This works well (X11 Forwarding even!), but when I've tried Midnight
> > > > Commander or Konqueror using the fish protocol, I get errors. In
> > > > experimenting, it appears to me that fish only uses password
> > > > authentication. How can I make this work with public key only as I'm
> > > > using?
> > > >
> > > > I want to keep my SSH access as secure as possible by using only public
> > > > key authentication.
>
> I use ssh access to the remote debian system with RSA public key.
>
> I can use Midnight Commander to access remote directories with fish; then I
> must to enter the remote password for the remote user and the / directory is
> open for me.
>
> In MC I open a Shell connection,
> give the remote user@system /#sh:remote_user-name@remote_host-name
> enter the password for that remote user, and open the remote / directory.

Are you using public key authentication and have password login
disabled as well? That's my setup.

- Nate >>

--
Wireless | Amateur Radio Station N0NB | Successfully Microsoft
Amateur radio exams; ham radio; Linux info @ | free since January 1998.
http://www.qsl.net/n0nb/ | "Debian, the choice of
My Kawasaki KZ-650 SR @ | a GNU generation!"
http://www.networksplus.net/n0nb/ | http://www.debian.org


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

> sshfs ip.address.of.host: mountpoint -o
> IdentityFile="~/.ssh/id_remote"
>
> The reference from the sshfs output and manpage is a
> bit obscure
> refering the reader to the ssh_config man page for ssh
> option where
> IdentityFile is described.

Better method: specify the identify file per host in
~/.ssh/config. That will work with sshfs and anything else
using openssh as a backend. E.g.

Host foo
IdentityFile ~/.ssh/id_dsa_foo

However, if your authentication agent has a key loaded, the
ssh connection should try to use it for a connection, so
you could just make sure you've ssh-added all the identity
files prior to using sshfs/mc etc.


--
Jon Dowland


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org