False Security December 1, 2006
Posted by hunterp in distros, security, ssh.add a comment
For the last 7 years that i’ve been using linux I thought I was crazy until recently.
ssh-keygen generates two files a “public” and a “private” key. So you know the drill…
- cat the public key >> authorized_keys
- move the key to the incoming client
- clean up permissions for g and o and you’re ready to go.
For the longest time this seemed to not be a reliable recipe and it just drove me mad. The truth of the matter is that some distros and unixes work if you send both the public and the private key to the incoming client.
Id like to know if this is just some insane person that works on some distro being stubborn and making his ssh work opposite to the norm…
Update: (I like this approach!)
<wiredfool> I thought that the normal procedure was to generate the pair on the client, and send the public to the server
