====== Ssh ====== ====== Remained Logged in Via SSH ====== Sometimes connections drop between servers when ssh'd in. Skynet is an example of this. Add these lines to .ssh/config Host * ServerAliveInterval 120 ServerAliveCountMax 3 ====== ssh host based authentication ====== This allows people logged into Server A automatically log into Server B without a password *or* sshkeys. Auth is via the Servers. Here is the main how-to: http://blogs.nonado.net/diamond/2006/11/19/ssh-with-host-based-authentication/ I hope diamond wont mind, but I'll copy his how-to here for archive purposes. What i wanted to do was allow any users on host A be able to ssh to host B using ssh v2 and be automatically logged in. So, these are the steps i took: ===== Step by Step ===== * On A, i added the following to /etc/ssh/ssh_config: Host * EnableSSHKeysign yes Host B.example.com HostbasedAuthentication yes * On B, i set the following config options in /etc/ssh/sshd_config: IgnoreRhosts yes HostbasedAuthentication yes //Remember to reload the sshd config after editing * On B, i added the fqdn of A to /etc/ssh/shosts.equiv: A.exmaple.com * On B, i used the following to add the public RSA key of A to ssh_known_hosts: ssh-keyscan -vt dsa A.example.com >> /etc/ssh/ssh_known_hosts Note: the fqdn of A used above has to be the same as the result of a reverse dns lookup on it’s IP. ===== Further Tweak ===== To add a piece to the above how-to: There was a discrepancy between dsa and rsa keys IMO. Although going via ssh would login fine without prompting to accept a key, in order to get pine to autologin, a rsa key had to be added. On host A: ssh-keyscan -vt rsa B.example.com >> /etc/ssh/ssh_known_hosts That worked it -) ====== Regenerate System SSH Keys ====== After the recent debian issue with openssl, all ssh keys had to be regenerated. Here is the easies method for doing the system ssh keys: rm /etc/ssh/ssh_host_* dpkg-reconfigure openssh-server ---- Information got from: http://forums.macosxhints.com/showthread.php?p=296252