"Gregory P. Ennis" <PoMec at PoMec.Net> schrieb am 02.02.2010 04:27:52: > #1. If you change anything in sshd_config you must restart sshd before > your changes will become active. You can do this in the root account > easily by entering : > > service sshd restart Wrong. While this is working on CentOS and probably other Redhat based distros this will certainly cause trouble on most Unix boxen. service sshd reload is what would be a good advice, because SIGHUP won't drop your current OpenSSH/SunSSH connection, so the possibility to lock out yourself is somewhat minimized. And as a side effect, this is the way a lot of daemons are working, e.g. apache's httpd. > #2. If you are connecting from one account to another account in > different machines you must have id_dsa.pub > in /home/user/.ssh/authorized_keys file of the account you are > connecting with. > > ie if you are logged on as root in one machine and you connect to > another machine to the root account then id_dsa.pub of the original > account has to be in /root/.ssh/authorized_keys of the machine you are > connecting to. That's just half the truth. ssh simply looks for a default pub key file. And it doesn't have to be $HOME/.ssh/id_dsa.pub, as it is depending on your sshd_config. Nothing stops you to use a different keypair as long as you're having access to it - including the passphrase if neccessary. Frank.