> You also need to create an account with an empty password to log > into. It also means that the user can log in locally without using a > password. (Just hit enter when it asks for a password.) I have not > tested it, but sshd may still ask for a password, but allow you to > hit enter when asked. The default setting will not let you connect > to this type of account using passwords. I believe it will let you > connect using key pairs. At a guess, I would say it is designed to > prevent remote logins using a "guest" account that does not require > a password... No, you most certainly do not want to create a passwordless account. SSH keypairs, if configured using the default Fedora SSH server configuration, will work even if a password is set. In short: 1) On the local side: ssh-keygen -t rsa -b 1024 -f identity Copy the identity and identity.pub files to ~/.ssh chmod 700 ~/.ssh chmod 600 ~/.ssh/identity 2) Copy the identity.pub file to the remote server and append to the remote user's ~/.ssh/authorized_keys file scp identity.pub remoteuser@remotehost: (it will prompt for password) ssh remotehost (it will prompt for password) cat identity.pub >> .ssh/authorized_keys chmod 700 ~/.ssh chmod 644 ~/.ssh/authorized_keys rm identity.pub 3) Logout from the remote host then test: ssh remoteuser@remotehost hostname It should respond with the hostname of the remote. If the remote host is running another SSH version (e.g., Tectia) then this will need to be modified slightly. -- * The Digital Hermit http://www.digitalhermit.com * Unix and Linux Solutions kwan@xxxxxxxxxxxxxxxxx
