[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ncftp




Yeah, you just copy your identity.pub over to the server, and do a
cat identity.pub >> ~/.ssh/authorized_keys

sauer@pyro:/home/nfs/sauer > ls -l .ssh/identity*
-rw-------   1 sauer    users         525 May 24 21:22 .ssh/identity
-rw-r--r--   1 sauer    users         329 May 24 21:22 .ssh/identity.pub
sauer@pyro:/home/nfs/sauer > ls -l .ssh/authorized_keys
-rw-------   1 sauer    users        1674 May 24 21:58 .ssh/authorized_keys

And a quote from the ssh man page (re: RSA authentication):
     The file
     $HOME/.ssh/authorized_keys lists the public keys that are permitted for
     logging in.  When the user logs in, the ssh program tells the server
     which key pair it would like to use for authentication.  The server
     checks if this key is permitted, and if so, sends the user (actually the
     ssh program running on behalf of the user) a challenge, a random number,
     encrypted by the user's public key.  The challenge can only be decrypted
     using the proper private key.  The user's client then decrypts the chal­
     lenge using the private key, proving that he/she knows the private key
     but without disclosing it to the server.

So, as long as your private key is not readable by anyone else, you should be
OK as far as your security goes.  I use it, and it's made my life a lot easier.
:)

--Danny, who's not too worried anyway, actually

On Tue, Jun 13, 2000 at 09:30:15AM -0500, Charles Menzes wrote:
> the only problems i see with using scp is the ability to run it from a
> cronjob. i find the same issues with rsync using ssh as transport. i know
> that you can alter the config of ssh such that it won't prompt for a
> password, thus allowing you to run rsync or scp without any manual
> intervention, but it just sounds like a vulnerability.
> granted, i have not done this myself, so if anyone wants to make some
> commnets on this one, feel free to do so.
> 
> cjm
> 
> On Mon, 12 Jun 2000, Kara Pritchard wrote:
> 
> > 
> > 
> > how about using scp -r ? :)
> > 
> > On Mon, 12 Jun 2000, Adam Van Pelt wrote:
> > 
> > > 
> > > Group,
> > >  I am trying to use ncftp to transfer an entire directory from one machine
> > > to the other. I can login fine, but when I go to transfer a directory
> > > using:
> > > 
> > >  get -Rf cgi-bin/
> > > 
> > >  for instance, it doesn't do anything. It doesn't even throw me back to a
> > > prompt. Any ideas? Also, is there a flag to preserve the permissions on
> > > files/directories that I am not seeing?
> > > 
> > >  TIA!
> > > 
> > > Adam Van Pelt
> > > 
> > > ----------------------------------------------------
> > > Motion Internet
> > > A Division of CyberCity Communications, Inc.
> > > 
> > > Adam Van Pelt                   219 N. Main St.
> > > Technical Support               Chatham, IL 62629
> > > http://www.motion.net           Phone: 217.483.7900
> > > ----------------------------------------------------
> > > 
> > > --
> > > To unsubscribe, send email to majordomo@luci.org with
> > > "unsubscribe luci-discuss" in the body.
> > > 
> > 
> > - Kara
> > 
> > -------------------------------------------------------------
> > Kara Pritchard, RHCE                    Phone: 618-398-7360
> > Linux Users of Central Illinois	        kara@luci.org
> > Asst Dir for Program Development        kara@lpi.org
> > LUG Project Manager - Linux.com	        kara@linux.com
> > -------------------------------------------------------------
> > 
> > 
> > --
> > To unsubscribe, send email to majordomo@luci.org with
> > "unsubscribe luci-discuss" in the body.
> > 
> 
> 
> --
> To unsubscribe, send email to majordomo@luci.org with
> "unsubscribe luci-discuss" in the body.
> 

--
To unsubscribe, send email to majordomo@luci.org with
"unsubscribe luci-discuss" in the body.