On 20/05/06, Aldo Foot <lunixer@xxxxxxxxx> wrote:
Have you looked into ssh-agents and passprahses? No password required, only a running agent and a good passprhase. The above does required that you share public keys between systems.
I would echo this loudly. Passphraseless keys, or worse still passwordless login should really be avoided. The most elegant solution is to use ssh-agent and ssh-add as managed by the keychain script which is available from Extras (yum install keychain). Some links about these ideas: For ssh-agent: http://mah.everybody.org/docs/ssh http://www.securityfocus.com/infocus/1812 http://www.phy.bnl.gov/computing/gateway/ssh-agent.html For keychain: http://www.gentoo.org/proj/en/keychain/ http://www-128.ibm.com/developerworks/library/l-keyc2/ Personally I have keychain installed, with the following snippets in .bash_profile and .bashrc: .bash_profile: # Set up keychain, rather than using one ssh-agent for every shell. Run the # keychain script here for login shells, but source the keychain information # for all shells from .bashrc. keychain --ignore-missing -q ~/.ssh/id_rsa ~/.ssh/id_dsa .bashrc: # Source the keychain information. Note that keychain itself should be ran # from .bash_profile. if [ -f $HOME/.keychain/$HOSTNAME-sh ]; then . $HOME/.keychain/$HOSTNAME-sh > /dev/null fi
