It has been a long time since I tried public key authentication for SSH (2005 was the last time I did this).
Well, since then 'Gnome Keyring SSH Agent' has been added by Linux distributions, as I found out to my surprise when I typed the following into a Linux terminal:
ssh roy@example.com
I got the following pop-up, which I did not expect:
I expected the following message, because I created a key with a non-standard name (i.e. roy_ssh_key) and did not specify the identity file when running the ssh command:
Permission denied (publickey).
'Gnome Keyring SSH Agent' found both the public (roy_ssh_key.pub) and private (roy_ssh_key) keys in the directory ~/.ssh, was trying to load the private key into the agent, and was asking for the private key password.
If you enter the private key password in the 'Unlock private key' dialogue, the private key is loaded into the SSH agent, and any future attempts to ssh will try to use the private key in the agent.
The following command showed me that the agent had loaded my private key:
ssh-add -l
2048 4e:a9:25:8b:05:0d:c7:a5:25:eb:5e:92:6a:e7:aa:8a roy@dell.pc (RSA)
This fingerprint will match the public key in ~/.ssh.
If you reboot your machine and then log back in, Gnome Keyring SSH Agent automatically loads the private key, this time without asking you for the password. It protects the private key password using the login password of the user account that holds the private key in ~/.ssh.
You can verify that this is the case by running this familiar command:
ssh-add -l
But I feel uneasy about this feature, where Gnome Keyring SSH Agent automatically loads files in ~/.ssh that have corresponding *.pub paired files. One solution to stop it automatically loading private keys is to remove the corresponding *.pub from ~/.ssh.
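An added example, not part of the original post: a small shell audit that lists the private keys sitting beside a matching *.pub file (the pairing described above) and moves only the *.pub halves into a holding directory. The function names and the holding directory are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: find private keys paired with a *.pub file in a directory
# and park the *.pub halves elsewhere. Names here are illustrative assumptions.

# Succeeds if $1 (a *.pub path) sits beside a file that looks like a private key.
has_private_half() {
    priv=${1%.pub}
    [ -f "$1" ] && [ -f "$priv" ] &&
        head -n 1 "$priv" | grep -q -e '-----BEGIN .*PRIVATE KEY-----'
}

# Print the name of every private key in directory $1 that has a paired *.pub.
list_paired_keys() {
    for pub in "$1"/*.pub; do
        has_private_half "$pub" && basename "${pub%.pub}"
    done
    return 0
}

# Move the *.pub half of each pair from $1 into $2; private keys are untouched.
# Prints how many public key files were moved.
park_public_keys() {
    moved=0
    mkdir -p "$2" && chmod 700 "$2" || return 1
    for pub in "$1"/*.pub; do
        has_private_half "$pub" || continue   # skip lone or unrelated *.pub files
        mv -- "$pub" "$2/" && moved=$((moved + 1))
    done
    echo "$moved"
}

# Typical use (the holding directory is a made-up path):
#   list_paired_keys "$HOME/.ssh"
#   park_public_keys "$HOME/.ssh" "$HOME/.ssh-pub-parked"
```

After parking the files, log out and back in, then run ssh-add -l again to see whether the agent still lists the key.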
Friday, August 19, 2011
Sunday, July 24, 2011
Fedora 15 Default Run-level
It has been a long time since I've used the Fedora Linux distribution, so recently I installed it. Fedora 15 has changed the way you change the run level.
To change the run level you need to issue the following two Linux commands as root:
rm /etc/systemd/system/default.target
ln -s /lib/systemd/system/<target name>.target /etc/systemd/system/default.target
Sunday, April 24, 2011
Dr Who Season 6
What a start to season 6 of Dr Who. I will not mention anything here about the first episode in case you have not seen it yet. Steven Moffat promised that a lot of the questions that were left unanswered from season five will be answered, like who caused the crack in Amy's bedroom wall in season five, etc.
Hello Objective-C
Since the start of this year I have been learning new programming languages, and Objective-C is the language I have been learning over the Easter holidays. Objective-C is a reflective, object-oriented programming language that adds Smalltalk-style messaging to the C programming language. I have absolutely no intention of using Objective-C for my programming projects. You may ask the question 'why spend valuable time learning a language which you will never use?'
The answer is simple: by learning a new language I can compare it to Java, which I use on a daily basis and have been using for over a decade. The process of comparing and contrasting new languages I learn with Java helps me to better understand Java's strengths and weaknesses.
Objective-C is the second language I have learned this year, the other being Python.
Mortal Kombat: Legacy Web Series
YouTube will be showing the Mortal Kombat: Legacy Web Series, with a new episode each Tuesday.