Unattended SSH
Unattended remote login - Freeside can login to remote machines unattended using SSH. This can pose a security risk if not configured correctly, and will allow an intruder who breaks into your freeside machine full access to your remote machines. Do not use this feature unless you understand what you are doing!
- As the freeside user (on your freeside machine), generate an authentication key using ssh-keygen. Since this is for unattended operation, use a blank passphrase.
- Append the newly-created
identity.pub
file to ~root/.ssh/authorized_keys
(or the appopriate ~username/.ssh/authorized_keys
) on the remote machine(s).
- Some new SSH v2 implementation accept v2 style keys only. Use the
-t
option to ssh-keygen, and append the created id_dsa.pub
or id_rsa.pub
to ~root/.ssh/authorized_keys2
(or the appopriate ~username/.ssh/authorized_keys
) on the remote machine(s).
- You may need to set
PermitRootLogin without-password
(meaning with keys only) in your sshd_config
file on the remote machine(s).
- You may want to set
ForwardX11 = no
in ~root/.ssh/config
to prevent spurious errors if your distribution turns on X11 forwarding by default.