DCO > Knowledge Base |
|||||||||
The ssh-keygen command generates the authentication keys to use with ssh. It will generate both a public and a private key file, and place them in a subdirectory called ".ssh" in your home directory:
Logging in without using your password If the public key is placed in an authorization file, then ssh will try to match the public key available in the file to the private key stored in your home's .ssh directory. If they match, you login without a password. If they do not match, you are prompted for a password (but if you give a passphrase, you will be asked for that). To enable this, place the contents of the file ~user/.ssh/id_rsa.pub on the originating machine into a file on the destination machine called ~user/.ssh/known_hosts Security & Machine fingerprints The known_hosts file is the global host key database. Each machine is issued a key pair (using ssh-keygen), and when you log into that machine and accept the fingerprint of the public key presented to you then the machine's public key is stored in your personal known_hosts file. If there is no information on a host in your known_hosts file, then you will get this message on logging in:
Host key verification failed. and the session will not continue. If you notice a mismatch between the listed fingerprint and the login offered fingerprint, please email help@eecs.umich.edu immediately. If there is a mismatch between the machine fingerprint in your known_hosts file and the machine offered fingerprint, then you will get this message when you try to login:
You need to check the current machine fingerprints at this site, and verify that the fingerprints match what is being offered while logging in. If they do match, then the fingerprint has been changed, and you need to remove the old fingerprint from your known_hosts file using an editor. Then, you can login again, answering "yes" when it asks if you want to continue.
Powered by LionWiki | Admin | Incoming Links |