
Ssh

Remain Logged In via SSH

Idle SSH connections between servers sometimes drop. Skynet is an example of this. Add these lines to ~/.ssh/config so the client sends a keepalive every 120 seconds and gives up after 3 unanswered ones:

Host *
 ServerAliveInterval 120
 ServerAliveCountMax 3

SSH Host-Based Authentication

This allows people logged into Server A to automatically log into Server B without a password *or* ssh keys. Authentication is done by the servers themselves. Here is the main how-to: http://blogs.nonado.net/diamond/2006/11/19/ssh-with-host-based-authentication/ I hope diamond won't mind, but I'll copy his how-to here for archive purposes.

What I wanted to do was allow any user on host A to be able to ssh to host B using ssh v2 and be automatically logged in. So, these are the steps I took:

Step by Step

  • On A, I added the following to /etc/ssh/ssh_config:

Host *
 EnableSSHKeysign yes

Host B.example.com
 HostbasedAuthentication yes

  • On B, I set the following config options in /etc/ssh/sshd_config:

IgnoreRhosts yes
HostbasedAuthentication yes

Remember to reload the sshd config after editing.

  • On B, I added the fqdn of A to /etc/ssh/shosts.equiv:

A.example.com

  • On B, I used the following to add the public RSA key of A to ssh_known_hosts:

ssh-keyscan -vt dsa A.example.com >> /etc/ssh/ssh_known_hosts

Note: the fqdn of A used above has to be the same as the result of a reverse dns lookup on its IP.

Further Tweak

To add a piece to the above how-to: There was a discrepancy between dsa and rsa keys IMO. Although going via ssh would log in fine without prompting to accept a key, in order to get pine to autologin, an rsa key had to be added. On host A:

ssh-keyscan -vt rsa B.example.com >> /etc/ssh/ssh_known_hosts

That worked it :-)
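An added example, not part of the original how-to or this wiki's own tooling: a small Python audit of the three files edited on host B. It reports any name in shosts.equiv that has no matching plain entry in ssh_known_hosts (a misspelled or non-canonical FQDN is the usual cause) or whose only key is ssh-dss, which OpenSSH has disabled by default since 7.0. The function names, the sample file contents and the case-insensitive name comparison are assumptions of this example.

```python
# Added example: consistency audit for the files edited on host B.
# All sample contents below are constructed; key blobs are placeholders.

def first_value(config, keyword, default):
    """sshd_config keywords are case-insensitive; the first occurrence wins."""
    for line in config.splitlines():
        parts = line.split("#", 1)[0].split()
        if parts and parts[0].lower() == "match":
            break  # assumption: only global (pre-Match) settings are audited
        if len(parts) >= 2 and parts[0].lower() == keyword.lower():
            return parts[1].lower()
    return default

def known_host_keys(known_hosts):
    """Map lower-cased host name -> key types, for plain entries only."""
    keys = {}
    for line in known_hosts.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0][0] in "#@|":
            continue  # skip comments, @markers and hashed host names
        for name in fields[0].split(","):
            keys.setdefault(name.lower(), set()).add(fields[1])
    return keys

def audit(sshd_config, shosts_equiv, known_hosts):
    """Return a list of findings; an empty list means the files agree."""
    findings = []
    if first_value(sshd_config, "HostbasedAuthentication", "no") != "yes":
        findings.append("sshd_config: HostbasedAuthentication is not yes")
    if first_value(sshd_config, "IgnoreRhosts", "yes") != "yes":
        findings.append("sshd_config: IgnoreRhosts is not yes")
    keys = known_host_keys(known_hosts)
    for line in shosts_equiv.splitlines():
        fields = line.split("#", 1)[0].split()
        if not fields or fields[0][0] in "+-":
            continue  # assumption: only plain host-name entries are audited
        host = fields[0].lower()
        if host not in keys:
            findings.append(f"shosts.equiv: {host} has no key in ssh_known_hosts")
        elif keys[host] == {"ssh-dss"}:
            findings.append(f"ssh_known_hosts: {host} has only an ssh-dss key")
    return findings

# Constructed sample inputs standing in for the real files on B.
SSHD = "IgnoreRhosts yes\nHostbasedAuthentication yes\n"
EQUIV = "A.example.com\nC.example.com\n"
KNOWN = "a.example.com ssh-dss AAAAconstructedplaceholder\n"

if __name__ == "__main__":
    for finding in audit(SSHD, EQUIV, KNOWN):
        print(finding)
```

To run it against a real host, read /etc/ssh/sshd_config, /etc/ssh/shosts.equiv and /etc/ssh/ssh_known_hosts into strings and pass them to audit().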

Regenerate System SSH Keys

After the recent Debian issue with OpenSSL, all ssh keys had to be regenerated. Here is the easiest method for regenerating the system ssh keys:

rm /etc/ssh/ssh_host_*
dpkg-reconfigure openssh-server


Information got from:

http://forums.macosxhints.com/showthread.php?p=296252

ssh.txt · Last modified: 2022/07/19 21:13 by 127.0.0.1