Manualshelf

HP-UX Secure Shell Getting Started Guide

ManualsBrandsHP ManualsSoftwareHP-UX 11i Secure Shell Software
31323334353637383940
PasswordAuthentication yes
4. Run the following command on the client system:
$ ssh Clay
Depending on the authentication method that you configure in the /etc/pam.conf file, you
are prompted for the relevant information.
Configuring Public-Key Authentication
To configure public-key authentication, follow these steps:
1. To generate RSA key pairs, run the following command on the client:
# ssh-keygen -t [rsa dsa]
The following output is displayed:
Generating public/private rsa key pair.
Enter file in which to save the key (//.ssh/id_rsa): <file name>
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /tmp/hi.
Your public key has been saved in /tmp/hi.pub.
The key fingerprint is:
84:7d:f5:dd:88:f7:53:88:8a:6e:f7:85:04:28:6e:ed root@<hostname>
HP-UX Secure Shell generates the key pairs id_rsa and id_rsa.pub and stores them in
the $HOME/.ssh directory on the client system.
2. Set the following configuration directive in the /opt/ssh/etc/sshd_config configuration
file on the client system:
PubkeyAuthentication yes
NOTE: For backward compatibility purposes, HP-UX Secure Shell supports the
RSAAuthentication configuration directive in both the client and server configurations.
This directive also enables public-key authentication for the client, but only for the SSH-1
protocol.
3. To ensure that the permissions of the home directory of the client, the $HOME/.ssh
directories, and all files under the $HOME/.ssh directory match the permissions listed in
Table 4-2, run the following commands:
# ll -d $HOME
# ll -d $HOME/.ssh
#ll $HOME/.ssh/
Table 4-2 lists the specific permissions for these files and directories.
Table 4-2 Permissions for the Client Files and Directories
PermissionsFile/Directory
drwx------ or drwxr--r--$HOME (home directory)
drwx------ or drwxr--r--$HOME/.ssh
-rw-r--r-- or -rw------$HOME/.ssh/id_rsa and id_dsa
-rw-r--r-- or -rw------$HOME/.ssh/id_rsa.pub and id_dsa.pub
-rwx------$HOME/.ssh/config
4. Copy the public key in the client system to the home directory of the server using the
following command:
# cat $HOME/.ssh/id_dsa.pub ssh remoteuser@remotehost
cat - >> $HOME/.ssh/authorized_keys
Configuring Public-Key Authentication 37