csshsetup.1 (2012 03)

ManualsBrandsHP ManualsSoftwareHP-UX Manpages

csshsetup(1) csshsetup(1)

-k type Speciﬁes the type of key to create. Possible values are rsa or dsa for ssh protocol version 2.

The default key type is rsa.

-r hostfile

Conﬁgures user authentication between all hosts in a round-robin fashion using a list of hosts

in hostﬁle.

-v Displays verbose output.

hostname Speciﬁes the name of a single remote host with which to exchange keys.

SECURITY FEATURES

The rsa or dsa private key is saved with an empty passphrase. This enables administration scripts and

other applications to connect or execute commands non-interactively without prompting the user to enter

a password or add a host ﬁngerprint (ssh prompts the user during setup). The private key is protected by

the ﬁle system so only the user can access the ﬁle. (If you use a private key passphrase, see the ssh man-

page for more information about Secure Shell user authentication and conﬁguration of your user keys.)

Note that the private key passphrase breaks applications such as

pdsh and cexec, so you should use

ssh-agent. For more information on these topics, refer to the openssh web site

http://www.openssh.org.

EXAMPLES

Example showing the contents of hostﬁle. A fully qualiﬁed ﬁlename with extensions is in a non-local

domain.

-f hostﬁle Read a list of remote hosts from this ﬁle,

one host per line, where hostﬁle content is:

host1.company.com

host2

host3.company.com

The following example demonstrates the use of the

-r and -f options. The csshsetup command

conﬁgures the ssh user public key on the list of hosts listed in the ﬁle called hostﬁle. In the output, a

failure message starts with the word ’Failure:’, and a success message starts with the word ’Success:’.

The hostﬁle contains the following host names, as seen with the

cat command:

# cat hostﬁle

host06

host07.company.com

host21

host10.company.com

Using the

csshsetup command with the -r option to get round-robin setup.:

# csshsetup -rf hostﬁle

Failure: host21.company.com is unreachable

If asked, enter password and/or add ﬁngerprint for root@host06.company.com

The authenticity of host ’host06.company.com (12.345.6.78)’ can’t be established.

RSA key ﬁngerprint is c1:0e:ef:14:17:ba:9f:a7:41:56:26:09:39:c9:cd:93.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added ’host06.company.com,12.345.6.78’ (RSA) to the list

of known hosts.

Password: enter password for the user here

If asked, enter password and/or add ﬁngerprint for root@host07.company.com

The authenticity of host ’host07.company.com (78.901.2.341)’ can’t be established.

RSA key ﬁngerprint is a5:56:50:1d:e4:24:31:28:e7:bd:f0:c0:08:b0:79:8e.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added ’host07.company.com,78.901.2.341’ (RSA) to the list

of known hosts.

Password: enter password for the user here

If asked, enter password and/or add ﬁngerprint for root@host10.company.com

The authenticity of host ’host10.company.com (56.789.0.12)’ can’t be established.

2 Hewlett-Packard Company − 2 − HP-UX 11i Version 3: March 2012