Remained Logged in Via SSH
Sometimes connections drop between servers when ssh'd in. Skynet is an example of this. Add these lines to .ssh/config
Host * ServerAliveInterval 120 ServerAliveCountMax 3
ssh host based authentication
This allows people logged into Server A automatically log into Server B without a password *or* sshkeys. Auth is via the Servers. Here is the main how-to: http://blogs.nonado.net/diamond/2006/11/19/ssh-with-host-based-authentication/ I hope diamond wont mind, but I'll copy his how-to here for archive purposes.
What i wanted to do was allow any users on host A be able to ssh to host B using ssh v2 and be automatically logged in. So, these are the steps i took:
Step by Step
- On A, i added the following to /etc/ssh/ssh_config:
Host * EnableSSHKeysign yes Host B.example.com HostbasedAuthentication yes
- On B, i set the following config options in /etc/ssh/sshd_config:
IgnoreRhosts yes HostbasedAuthentication yes //Remember to reload the sshd config after editing
- On B, i added the fqdn of A to /etc/ssh/shosts.equiv:
- On B, i used the following to add the public RSA key of A to ssh_known_hosts:
ssh-keyscan -vt dsa A.example.com >> /etc/ssh/ssh_known_hosts
Note: the fqdn of A used above has to be the same as the result of a reverse dns lookup on it’s IP.
To add a piece to the above how-to: There was a discrepancy between dsa and rsa keys IMO. Although going via ssh would login fine without prompting to accept a key, in order to get pine to autologin, a rsa key had to be added.
On host A: ssh-keyscan -vt rsa B.example.com >> /etc/ssh/ssh_known_hosts
That worked it -)
Regenerate System SSH Keys
After the recent debian issue with openssl, all ssh keys had to be regenerated. Here is the easies method for doing the system ssh keys:
rm /etc/ssh/ssh_host_* dpkg-reconfigure openssh-server
Information got from: