On Windows, how do I set up sshd such that I can ssh in via key-based authentication from another Windows box?

  • I am working to set up some deployment automation, and one of the things I'm trying is to use Ruby's Capistrano to remotely execute commands over ssh. I have used http://pigtail.net/LRP/printsrv/cygwin-sshd.html to run sshd on the box I'm using as the test victim. Out of the box, though, this will require an identical user on each victim box, with the same password, which is clearly a bad idea. I would like therefore to enable public-key authentication, but after a couple of days of banging my head against a wall, I'm not succeeding. Can anyone point me at a successful guide on the web to accomplish this?

    I think that:

    1. Having generated a public key locally on the overlord box, I need to run ssh-agent and then ssh-add, right? As in, not on the victim boxes.
    2. On each victim box, I need to cat the public key into /home/username/.ssh/authorized_keys
    3. I then need to ssh to the victim box like ssh username@victim and I shouldn't be asked for a password... right?

    This is the piece that is failing; I'm being asked for my password.

  • Answer:

    To disable password authentication you need to edit sshd_config on victim and set PasswordAuthentication=no. Alternatively, edit ssh_config on overlord or use the -o option to stop it offering password authentication.

    You can use ssh -v -v -v ... to see what is happening more clearly.

    Edit: I'm familiar with setting up SSH public key authentication using Putty, puttygen and pageant but not with OpenSSH tools. With OpenSSH I believe the process is

        $ ssh-keygen -t rsa

    Then copy ~/.ssh/id_rsa.pub to the server's ~/.ssh/authorized_hosts and ensure permissions are 600 for the file and 700 for the directory.

    The ssh-keygen man-page should explain how to generate a private key unprotected by any pass-phrase. If you do this you won't ever have to enter a pass-phrase but it will be insecure. If you set up the authentication agent then I believe any pass-phrase would only be needed once per session on 'overlord'. If you don't have a pass-phrase I see no point in setting up an authentication agent, since ssh will just read the private key without prompting for a pass-phrase.

Peter Mounce at Server Fault
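
A server-side check for the two things the thread turns on (the public key being listed, and modes 700 for the directory and 600 for the file), as an added example that is not part of the original question or answer. It assumes GNU stat (as shipped with Cygwin) and the /home/username/.ssh/authorized_keys path from the question, which is also sshd's default AuthorizedKeysFile location; the function name and the key blob are constructed for illustration.

```shell
#!/bin/sh
# check_pubkey_setup HOME_DIR PUBKEY_FILE   (hypothetical helper name)
# Prints one line per problem and returns the number of problems (0 = OK).
check_pubkey_setup() {
    home_dir=$1; pubkey=$2; problems=0
    ssh_dir="$home_dir/.ssh"
    auth="$ssh_dir/authorized_keys"   # sshd's default AuthorizedKeysFile

    if [ ! -d "$ssh_dir" ]; then
        echo "missing directory: $ssh_dir"; problems=$((problems + 1))
    elif [ "$(stat -c %a "$ssh_dir")" != 700 ]; then
        echo "$ssh_dir should be mode 700"; problems=$((problems + 1))
    fi

    if [ ! -f "$auth" ]; then
        echo "missing file: $auth"; problems=$((problems + 1))
    else
        if [ "$(stat -c %a "$auth")" != 600 ]; then
            echo "$auth should be mode 600"; problems=$((problems + 1))
        fi
        # Match on the base64 key blob (2nd field of the .pub file) so that
        # a different comment or leading options in authorized_keys is fine.
        blob=$(awk 'NR==1 {print $2}' "$pubkey" 2>/dev/null)
        if [ -z "$blob" ] || ! grep -qF -- "$blob" "$auth"; then
            echo "key from $pubkey is not listed in $auth"
            problems=$((problems + 1))
        fi
    fi
    return "$problems"
}

# Demo on constructed data: the key blob below is a placeholder, not a real key.
demo_home=$(mktemp -d)
mkdir "$demo_home/.ssh"
echo "ssh-rsa AAAAB3CONSTRUCTEDKEYBLOB user@overlord" > "$demo_home/id_rsa.pub"
cp "$demo_home/id_rsa.pub" "$demo_home/.ssh/authorized_keys"

# Loose modes, as left by a permissive umask: two problems are reported.
chmod 775 "$demo_home/.ssh"; chmod 664 "$demo_home/.ssh/authorized_keys"
check_pubkey_setup "$demo_home" "$demo_home/id_rsa.pub" || echo "problems found: $?"

# Modes from the answer (700 directory, 600 file): the check passes.
chmod 700 "$demo_home/.ssh"; chmod 600 "$demo_home/.ssh/authorized_keys"
check_pubkey_setup "$demo_home" "$demo_home/id_rsa.pub" && echo "setup looks correct"
rm -rf "$demo_home"
```

On the real server, run it as the login user with that user's home directory and a copy of the public key generated on overlord.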
