auth Ques.

[Pekka Savola]

On Fri, 12 Jan 2001, Sunil K. Vallamkonda wrote:
> I have a question on authentication.
> In openSSH, how do I enable keys based authentication (RSA) ?
> (Normally a user creates private/public keys, then puts public key on
> server under ~/.ssh/xxx ).  How can this be achieved using openSSH ?
> I did not see in doc (may be I missed something..).

You should have read ssh(1) man page. Read under Protocol 1 and Protocol
2.  Key generation and adding it to authorized_keys2 are explained there.

> 1) On server, where should the user's public key be stored (~/.ssh/xxx)?

See above.  authorized_keys and authorized_keys2.

> 2) If RSA fails, does sshd automatically drop down to
> SSH_CMSG_AUTH_PASSWORD
> based ?  Is this option configurable ?

Yes and yes.  Disable those authentication methods in either sshd_config
or connecting ssh_config/ ~/.ssh/config to tune which methods will be
tried.  The order is fixed.

-- 
Pekka Savola                  "Tell me of difficulties surmounted,
Netcore Oy                    not those you stumble over and fall"
Systems. Networks. Security.   -- Robert Jordan: A Crown of Swords