# This is the file ~/.ssh/Readme
# How to set up passwordless ssh/scp from machine $Src to machine $Dest.
# (Substitute the machine names for "$Src" and "$Dest", in the below.)
#
# Note: This file is written in a script-like style (/bin/csh), but is NOT a script.
# (For starters, different steps have to be done on each machine.)
# It has not been thoroughly tested for all possible situations.
# Do the steps by hand, to understand how it works.

set Src=`hostname`;

# On machine $Src:
#
cd ~/.ssh
# Generate a key for this machine, if it doesn't already exist:
if (! -e id_dsa.pub) ssh-keygen -t dsa  -P ""         -f id_dsa
#             Those flags mean: -t type -P passphrase -f file   -C comment
#
# Optional/helpful: give the local public key a better name:
ln -s id_dsa.pub id_dsa-$user-at-$Src.pub

# Note: 
# `id_dsa.pub` contains the public key and can(should) be copied to other machines; 
# `id_dsa` contains the private key and should not be copied, or readable by any others.



## On machine $Dest:

# Create files as necessary:
mkdir --parents ~/.ssh
cd ~/.ssh
touch authorized_keys2
chmod 600 authorized_keys2
# ssh won't work if authorized_keys2 is writable by group or other!

# Now grab the public key from the other machine, 
# and append it to authorized_keys2:
scp $Src:.ssh/id_dsa.pub  id_dsa-$user-at-$Src.pub
cat id_dsa-$user-at-$Src.pub  >>! authorized_keys2
rm  id_dsa-$user-at-$Src.pub

# At this point, you can test (on $Src): ssh $Dest   and hopefully no password required.


#######################
# Other notes:
#
# (You may also want use `ls -l` to confirm that authorized_keys2 is readable,
#  *and* not writable by group, other.)
#
# Note that at Radford, ssh will still occasionally require you to
# re-enter the password (every few days??), presumably as an added security measure?
#
# Machines to ssh to, @radford.edu:
#   rucs
#   ruacad
# (babbage refused; rucs2 is alias to rucs)