NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] thanks-SSHD running..but some concept question to ask


  • To:
  • Subject: [FW1] thanks-SSHD running..but some concept question to ask
  • From: "Sim, CT (Chee Tong)" <[email protected]>
  • Date: Wed, 5 Sep 2001 18:06:30 +0800
  • Sender: [email protected]

Hi..Dear all,  Thanks for your help, I had successfully run the sshd
(openssh) after making the hostkeys (public and private keys) with the
command as shown below.

ssh-keygen -t rsa1 -f /usr/local/etc/ssh_host_key -N ""
ssh-keygen -t dsa -f /usr/local/etc/ssh_host_dsa_key -N ""
ssh-keygen -t rsa -f /usr/local/etc/ssh_host_rsa_key -N ""
And after that start sshd -D
However, I want to ask a some SSH concept question, if you know please
answer me, even you can't answer all the question.

1)Why I need to generate so many keys pair, 1)ssh_host_key
2)ssh_host_dsa_key 3)ssh_host_rsa_key, what is the difference? I thought we
only need one private and public keys pair?  
2)When I type -N "", does it mean that there is no passphrase for keys?  In
my understanding, we need to give our SSH server's public key to our SSH
client, so that when client can identify the real server?  What is the way
to install the public keys in the clients eg WinNT, Linux and solarid
clients? Which file to store it?

3)I found even there is no public keys install in clients, I will get a msg
"no entry in known host list, might be a hostile machine, would you like to
added?" if I proceed the entry will be added (public key of the server)  But
if I want the SSH server reject the connection if its public key is not
found in the client, what should I do???  

4)If I want the sshd to start when it boot, I should something in the rc.d
dir right?? (for eg solaris and linux) Which one?  Rc2 or Rc3 ? Can I just
create a file and add entry as /usr/local/sbin/sshd -D?? or what?

Thanks  


==================================================================
De informatie opgenomen in dit bericht kan vertrouwelijk zijn en 
is uitsluitend bestemd voor de geadresseerde. Indien u dit bericht 
onterecht ontvangt wordt u verzocht de inhoud niet te gebruiken en 
de afzender direct te informeren door het bericht te retourneren. 
==================================================================
The information contained in this message may be confidential 
and is intended to be exclusively for the addressee. Should you 
receive this message unintentionally, please do not use the contents 
herein and notify the sender immediately by return e-mail.


==================================================================



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.