[HaBo]

mathias@wizard:~$ ls -al | grep ssh
drwx------  2 mathias mathias 4096 2009-04-11 12:17 .ssh
mathias@wizard:~$ ls -al .ssh/
total 8
drwx------  2 mathias mathias 4096 2009-04-11 12:17 .
drwxr-xr-x 36 mathias mathias 4096 2009-04-11 11:37 ..
mathias@wizard:~$

mathias@wizard:~$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/mathias/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/mathias/.ssh/id_rsa.
Your public key has been saved in /home/mathias/.ssh/id_rsa.pub.
The key fingerprint is:
4b:b0:24:bc:5c:66:2f:95:4e:df:6a:55:61:e8:b6:04 mathias@wizard
The key's randomart image is:
+--[ RSA 2048]----+
|             .o  |
|   .     .E .. . |
|    o * +  o  .  |
|   . B B . .+.   |
|    o o S .oo.   |
|       o . o.    |
|        . o      |
|         .       |
|                 |
+-----------------+
mathias@wizard:~$

mathias@wizard:~$ ls -al .ssh/
total 16
drwx------  2 mathias mathias 4096 2009-04-11 12:18 .
drwxr-xr-x 36 mathias mathias 4096 2009-04-11 11:37 ..
-rw-------  1 mathias mathias 1743 2009-04-11 12:18 id_rsa
-rw-r--r--  1 mathias mathias  396 2009-04-11 12:18 id_rsa.pub
mathias@wizard:~$

mathias@wizard:~$ ssh-copy-id -i .ssh/id_rsa.pub mathias@10.0.0.254
The authenticity of host '10.0.0.254 (10.0.0.254)' can't be established.
RSA key fingerprint is fd:d3:79:c0:ed:8b:0d:47:d4:6b:c1:b9:c1:4c:82:84.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.0.0.254' (RSA) to the list of known hosts.
mathias@10.0.0.254's password: 
Now try logging into the machine, with "ssh 'mathias@10.0.0.254'", and check in:

  .ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

mathias@wizard:~$

mathias@apprentice:~/.ssh$ cat authorized_keys 
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAxIhSXvhcTBEQ2N7/HEDWRHP32/L247Ga/CxU7ZDKaT/u1A8UC5z0kOk+lQjkfJncmUswC2DFvGo/lCpE50OxxfTKdmxEEl8VPR5TYoQNPRbC2x2WHUSOco7Y2RHl8j1Yv+C6D1l9YV8ZaAOzX8TOIvGTLUtSS9PZHfO51khA9b6mrBxHzFPb+cBuMZyBnhoi6PZ6uoa2LdS1YD0i7nwY7NLuFZKzyJGngjut8aRMjfdSmHhDnQpj5nFBa10emPGH0OxVfVU/nnEbvJhxc/uz46P1HDvAor/jDaNBRY5VKEUdC1RdnLfB7CxqZ1dfSsqBOqmKgRnct6dEQwJidOPW7w== mathias@wizard
mathias@apprentice:~/.ssh$

mathias@wizard:~$ ssh -v mathias@10.0.0.254
OpenSSH_5.1p1 Debian-5, OpenSSL 0.9.8g 19 Oct 2007
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 10.0.0.254 [10.0.0.254] port 22.
debug1: Connection established.
debug1: identity file /home/mathias/.ssh/identity type -1
debug1: identity file /home/mathias/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /home/mathias/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1p1 Debian-5
debug1: match: OpenSSH_5.1p1 Debian-5 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.1p1 Debian-5
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '10.0.0.254' is known and matches the RSA host key.
debug1: Found key in /home/mathias/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering public key: /home/mathias/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/mathias/.ssh/identity
debug1: Trying private key: /home/mathias/.ssh/id_dsa
debug1: Next authentication method: password
mathias@10.0.0.254's password:

PasswordAuthentication no
UsePAM no

mathias@wizard:~$ ls -l .ssh
total 24
-rw-r--r-- 1 mathias mathias  396 2009-04-21 07:30 authorized_keys
-rw------- 1 mathias mathias 1743 2009-04-11 12:18 id_rsa
-rw-r--r-- 1 mathias mathias  630 2009-04-11 12:19 id_rsa.keystore
-rw-r--r-- 1 mathias mathias  396 2009-04-11 12:18 id_rsa.pub
-rw-r--r-- 1 mathias mathias 5304 2009-04-21 08:11 known_hosts
mathias@wizard:~$ cat .ssh/id_rsa.pub 
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAxIhSXvhcTBEQ2N7/HEDWRHP32/L247Ga/CxU7ZDKaT/u1A8UC5z0kOk+lQjkfJncmUswC2DFvGo/lCpE50OxxfTKdmxEEl8VPR5TYoQNPRbC2x2WHUSOco7Y2RHl8j1Yv+C6D1l9YV8ZaAOzX8TOIvGTLUtSS9PZHfO51khA9b6mrBxHzFPb+cBuMZyBnhoi6PZ6uoa2LdS1YD0i7nwY7NLuFZKzyJGngjut8aRMjfdSmHhDnQpj5nFBa10emPGH0OxVfVU/nnEbvJhxc/uz46P1HDvAor/jDaNBRY5VKEUdC1RdnLfB7CxqZ1dfSsqBOqmKgRnct6dEQwJidOPW7w== mathias@wizard
mathias@wizard:~$

mathias@wi1shared:~$ ls -l .ssh/
total 8
-rw------- 1 mathias mathias 796 2009-04-21 04:57 authorized_keys
-rw-r--r-- 1 mathias mathias 884 2009-04-21 04:59 known_hosts
mathias@wi1shared:~$ cat .ssh/authorized_keys 
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAxIhSXvhcTBEQ2N7/HEDWRHP32/L247Ga/CxU7ZDKaT/u1A8UC5z0kOk+lQjkfJncmUswC2DFvGo/lCpE50OxxfTKdmxEEl8VPR5TYoQNPRbC2x2WHUSOco7Y2RHl8j1Yv+C6D1l9YV8ZaAOzX8TOIvGTLUtSS9PZHfO51khA9b6mrBxHzFPb+cBuMZyBnhoi6PZ6uoa2LdS1YD0i7nwY7NLuFZKzyJGngjut8aRMjfdSmHhDnQpj5nFBa10emPGH0OxVfVU/nnEbvJhxc/uz46P1HDvAor/jDaNBRY5VKEUdC1RdnLfB7CxqZ1dfSsqBOqmKgRnct6dEQwJidOPW7w== mathias@wizard
mathias@wi1shared:~$

mathias@wizard:~$ ssh mathias@131.188.40.134
mathias@131.188.40.134's password: 
Linux wi1shared 2.6.26-2-686 #1 SMP Thu Mar 26 01:08:11 UTC 2009 i686

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Tue Apr 21 05:04:58 2009 from dslb-088-067-169-162.pools.arcor-ip.net
mathias@wi1shared:~$

wi1shared:/home/mathias# cat /etc/ssh/sshd_config 
# Package generated configuration file
# See the sshd(8) manpage for details

# What ports, IPs and protocols we listen for
Port 22
# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
Protocol 2
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
#Privilege Separation is turned on for security
UsePrivilegeSeparation yes

# Lifetime and size of ephemeral version 1 server key
KeyRegenerationInterval 3600
ServerKeyBits 768

# Logging
SyslogFacility AUTH
LogLevel INFO

# Authentication:
LoginGraceTime 120
PermitRootLogin no
StrictModes yes

RSAAuthentication yes
PubkeyAuthentication yes
#AuthorizedKeysFile	%h/.ssh/authorized_keys

# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes

# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no

# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no

# Change to no to disable tunnelled clear text passwords
#PasswordAuthentication yes

# Kerberos options
#KerberosAuthentication no
#KerberosGetAFSToken no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes

X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
#UseLogin no

#MaxStartups 10:30:60
#Banner /etc/issue.net

# Allow client to pass locale environment variables
AcceptEnv LANG LC_*

Subsystem sftp /usr/lib/openssh/sftp-server

UsePAM yes
wi1shared:/home/mathias#

RSAAuthentication yes
PubkeyAuthentication yes
#AuthorizedKeysFile	%h/.ssh/authorized_keys

wi1shared:~# /usr/sbin/sshd -ddde -p 22000
debug2: load_server_config: filename /etc/ssh/sshd_config
debug2: load_server_config: done config len = 680
debug2: parse_server_config: config /etc/ssh/sshd_config len 680
debug3: /etc/ssh/sshd_config:5 setting Port 22
debug3: /etc/ssh/sshd_config:9 setting Protocol 2
debug3: /etc/ssh/sshd_config:11 setting HostKey /etc/ssh/ssh_host_rsa_key
debug3: /etc/ssh/sshd_config:12 setting HostKey /etc/ssh/ssh_host_dsa_key
debug3: /etc/ssh/sshd_config:14 setting UsePrivilegeSeparation yes
debug3: /etc/ssh/sshd_config:17 setting KeyRegenerationInterval 3600
debug3: /etc/ssh/sshd_config:18 setting ServerKeyBits 768
debug3: /etc/ssh/sshd_config:21 setting SyslogFacility AUTH
debug3: /etc/ssh/sshd_config:22 setting LogLevel INFO
debug3: /etc/ssh/sshd_config:25 setting LoginGraceTime 120
debug3: /etc/ssh/sshd_config:26 setting PermitRootLogin yes
debug3: /etc/ssh/sshd_config:27 setting StrictModes yes
debug3: /etc/ssh/sshd_config:29 setting RSAAuthentication yes
debug3: /etc/ssh/sshd_config:30 setting PubkeyAuthentication yes
debug3: /etc/ssh/sshd_config:31 setting AuthorizedKeysFile %h/.ssh/authorized_keys
debug3: /etc/ssh/sshd_config:34 setting IgnoreRhosts yes
debug3: /etc/ssh/sshd_config:36 setting RhostsRSAAuthentication no
debug3: /etc/ssh/sshd_config:38 setting HostbasedAuthentication no
debug3: /etc/ssh/sshd_config:43 setting PermitEmptyPasswords no
debug3: /etc/ssh/sshd_config:47 setting ChallengeResponseAuthentication no
debug3: /etc/ssh/sshd_config:62 setting X11Forwarding yes
debug3: /etc/ssh/sshd_config:63 setting X11DisplayOffset 10
debug3: /etc/ssh/sshd_config:64 setting PrintMotd no
debug3: /etc/ssh/sshd_config:65 setting PrintLastLog yes
debug3: /etc/ssh/sshd_config:66 setting TCPKeepAlive yes
debug3: /etc/ssh/sshd_config:73 setting AcceptEnv LANG LC_*
debug3: /etc/ssh/sshd_config:75 setting Subsystem sftp /usr/lib/openssh/sftp-server
debug3: /etc/ssh/sshd_config:77 setting UsePAM yes
debug1: sshd version OpenSSH_5.1p1 Debian-5
debug3: Not a RSA1 key file /etc/ssh/ssh_host_rsa_key.
debug1: read PEM private key done: type RSA
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: private host key: #0 type 1 RSA
debug3: Not a RSA1 key file /etc/ssh/ssh_host_dsa_key.
debug1: read PEM private key done: type DSA
debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
debug1: private host key: #1 type 2 DSA
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-ddde'
debug1: rexec_argv[2]='-p'
debug1: rexec_argv[3]='22000'
debug2: fd 3 setting O_NONBLOCK
debug1: Bind to port 22000 on ::.
Server listening on :: port 22000.
debug2: fd 4 setting O_NONBLOCK
debug1: Bind to port 22000 on 0.0.0.0.
Server listening on 0.0.0.0 port 22000.

mathias@wi1shared:~/.ssh$ cat authorized_keys 
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAxIhSXvhcTBEQ2N7/HEDWRHP32/L247Ga/CxU7ZDKaT/u1A8UC5z0kOk+lQjkfJncmUswC2DFvGo/lCpE50OxxfTKdmxEEl8VPR5TYoQNPRbC2x2WHUSOco7Y2RHl8j1Yv+C6D1l9YV8ZaAOzX8TOIvGTLUtSS9PZHfO51khA9b6mrBxHzFPb+cBuMZyBnhoi6PZ6uoa2LdS1YD0i7nwY7NLuFZKzyJGngjut8aRMjfdSmHhDnQpj5nFBa10emPGH0OxVfVU/nnEbvJhxc/uz46P1HDvAor/jDaNBRY5VKEUdC1RdnLfB7CxqZ1dfSsqBOqmKgRnct6dEQwJidOPW7w== mathias@wizard
ssh-dss AAAAB3NzaC1kc3MAAACBAK6s6Pk3K/qbCCWZobDsPHGlDE1av7dFVaWVQFIxFXl9GHf0HRex+q/7q2E+y+eYfqmxD/CCcigysNDyGb2rB3mjuHT3wO9LjqBHakhhepxs/63cmSeJPDVzlR5vyRK1LQ9MsMGsyDzy6wby5VAoTRwiKBmbVmuL3V4oqYO3vKkZAAAAFQCXa0gZAz3tEVqSb25pADbzmKj1mwAAAIEAoGb12RzpCQhjndUSUIwyuMVuaREFkXg6vX0JqSWdR/B5C6zko+IShwpoBIBj/CSeWrGIRNkjCVjeQXE2Ak3gmsUM39NCDfwBykB3ZWn7S6WN2Q95t2VTBPDqv1xh88KKpenOF4ePDwyXqRcy1SGdZ0+iGT9TQiq98RF7vg1nM2MAAACAdXx8qlKm5sQPj70tSzcBoStUUiZSnV5RJZmcBRBkSyHKkXNWKVS9N5r+g0tGLeGn9eQ6d+SwGG/9Viho9O2GS/T48QdraP6F+wqDZCoB5cp+ZnrrXxzNS+eM53pIFqKIEDg6FHMNmZ7PMIUds/QwlXJMEPhLxIjr+ugUXMxL2RM= mathias@wizard
mathias@wi1shared:~/.ssh$