On Sat, 2004-09-04 at 09:12, Graham wrote:

Can anyone explain to a novice the way to automate an sftp batch session without the need to supply a password each time? The manpage refers me to sshd and says I need to configure public key authentication, but what does that mean in practical, step-by-step terms?

sftp operates on top off ssh, so you need to set it up so you can ssh without a password. Basically you do 'ssh-keygen', which generates a private and a public key in separate files into your ~/.ssh/ directory. Then you copy your public key (~/.ssh/id_dsa.pub) into the ~/.ssh/authorized_keys file on the remote system.

If you want to login to the same remote system from other machines, either copy your ~/.ssh to those other machines, or repeat the process above on the other machines and append the new public keys to the remote ~/.ssh/authorized_keys file.

Google finds various pages with more relevant info: http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-keygen http://www.cs.umd.edu/~arun/misc/ssh.html http://www.openssh.com/faq.html

-- Martijn

Hi Graham

Having set up ssh authentication for the first time across a small network I run at home, I think I can explain it in simple steps...

Step 1) For each user on each machine, you need to run ssh-keygen. I used: ssh-keygen -t rsa After hitting return through the various prompts, two files are created, both in ~/.ssh - One of these is required for step 3..

Step 2) Set up a new user on the machine where you want to ssh in to - A new user account will have to be created for each person that is allowed access.

Step 3) The contents of ~/.ssh/id_rsa.pub needs to be copied to the machine where you need to be able to ssh into - Copied to ~/.ssh/authorized_keys - If you have multiple computers on the network with lusrs using the same login, the id_rsa.pub from each machine will need to added to authorized_keys. One line per lusr.

As long as sshd is running on the host, you should be able to ssh in without supplying a password.

Regards, Paul.

On Saturday 04 September 2004 09:12, Graham wrote:

Can anyone explain to a novice the way to automate an sftp batch session without the need to supply a password each time?  The manpage refers me to sshd and says I need to configure public key authentication, but what does that mean in practical, step-by-step terms?