[K12OSN] RSH vs SSH (was some other topic)
Les Bell
lesbell at lesbell.com.au
Wed Aug 4 22:58:37 UTC 2004
Shawn Powers <spowers at inlandlakes.org> wrote:
>>
Fair enough Les, but do you (or anyone else) know some sort of "hands
free" way to script authorized_keys2 into everyone's .ssh directory?
<<
That depends on the particular setup you have. One way I've seen it done is
to tar the authorized_keys file up and then untar it in the post-install
processing of a kickstart.cfg file. On a single machine, put
.ssh/authorized_keys into /etc/skel so it's dropped into place as part of
useradd -m. To place it on multiple machines, you could use a script which
might require you to use one password (as root) per machine, but then scp
the right stuff into the right places.
>>
My
reasoning for rsh was none other than I didn't want to create a public
key for each user.
<<
Agreed, that is a slight PITA, but again, it's automatable with a little
scripting, and Webmin can be configured to do it as users are added. There
are so many tricks one can do with SSH, I'd be surprised if there isn't an
equally-easy way to do what you need, with better security.
Best,
--- Les Bell, RHCE, CISSP
[http://www.lesbell.com.au]
More information about the K12OSN
mailing list