Wow was getting ssh logins using RSA key pairs a real pain in the butt. I suppose if everything had been standard Ubuntu things might have worked out of the box... maybe.

In order for me to use the Bazaar Eclipse plugin I needed to setup ssh to my server to not require a password. This is because for some reason, the plugin can't handle any user interface type stuff with ssh. Sigh.

So I did the basics first. 

I ran the following to setup my key pair (I typed in a passphrase when it asked, to make it as secure as possible)

ssh-keygen -t rsa -b 2048

Then to copy it to my home directory on my server.

ssh-copy-id suttonca@myservernamehere

But I still was having issues. It was asking me for a password even after I'd unlocked my RSA key. So I checked /var/log/auth.log on the remote server and found some errors like the following:

Authentication refused: bad ownership or modes for directory /home/suttonca/.ssh

I had to run the following commands to setup the permissions properly before the solution worked.

chmod go-w ~/
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys

All that remained was to ensure that everytime I logged in that I was asked to unlock my key. In KDE all I had to do was run the following:

I read this article over at Softpedia.com. I may be completely off base here, but why would cursors, animated cursors, or icons ever need anything more than user mode access?

It never fails to amaze me how vulnerable we are with some software because it was architected incorrectly and insecurely to begin with.

I just recently became aware of some issues with some software installation packages at work. There were so many problems with these packages that I couldn't name them all. Were these problems something that needed be solved individually? No. They were all caused by taking a snap shot of an application install rather than using the vendors MSI file and applying minor changes via an MST.