LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Other *NIX Forums > AIX
User Name
Password
AIX This forum is for the discussion of IBM AIX.
eserver and other IBM related questions are also on topic.

Notices



Reply
 
Search this Thread
Old 01-22-2014, 02:19 AM   #1
niranjan741
LQ Newbie
 
Registered: Jan 2014
Posts: 10

Rep: Reputation: Disabled
SFTP between AIX and LINUX server


Hi,
I want to use SFTP command in my script which should not ask for password. Hence i have used "ssh-keygen -t rsa" command on both servers and copied entry from id_rsa.pub to "authorized_keys" file.
location is $HOME/.ssh/
Now whenever i tried to connect from AIX server to Linux, it is asking me for password. But if i tried to connect from Linux to AIX server, i can connect directly without password.
Is there any steps that i am missing on either server? Or is there any alternative method to use SFTP in my script without prompting for password.
Waiting for your reply.

Thanks,
 
Old 01-22-2014, 02:54 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,415

Rep: Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968
we don't know if you've missed steps as you've not actually shown us the steps you've taken or any config associated with it. The most common reason for keys not working is, in my experience, incorrect permissions on the files. ~/.ssh should be 700, and ~/.ssh/authorized_keys should be 600.
 
1 members found this post helpful.
Old 01-22-2014, 03:15 AM   #3
zhjim
Senior Member
 
Registered: Oct 2004
Distribution: Debian Squeeze x86_64
Posts: 1,467
Blog Entries: 11

Rep: Reputation: 184Reputation: 184
You also have to do the steps on both machines.

Either copy the already created private key to the other machine and install the public key on the local machine.
Or create a new key and copy that ones public key over to the other.
 
Old 01-22-2014, 03:32 AM   #4
niranjan741
LQ Newbie
 
Registered: Jan 2014
Posts: 10

Original Poster
Rep: Reputation: Disabled
Hi,
Steps are:
On Aix Machine
Code:
cd $HOME/.ssh
ssh-keygen -t rsa
--- This will generate two files id_rsa and id_rsa.pub on AIX machine

On Linux Machine
Code:
cd $HOME/.ssh
ssh-keygen -t rsa
--- This will generate two files id_rsa and id_rsa.pub on Linux machine

On AIX machine, I have created a new file as "authorized_keys" and copied containts of "id_rsa.pub" from Linux machine and vice versa.
Given permission 755 for "authorized_keys" on both servers.

Then i checked on both servers SFTP command. It works fine for connecting from Linux to Aix but not working from Aix to Linux.

I tried to generate key twice but both time i faced same problem.

Last edited by niranjan741; 01-23-2014 at 12:38 AM.
 
Old 01-22-2014, 03:58 AM   #5
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,415

Rep: Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968
well as above, permissions look wrong, as you've said anyone on the entire machine can steal your keys.
 
Old 01-22-2014, 04:04 AM   #6
niranjan741
LQ Newbie
 
Registered: Jan 2014
Posts: 10

Original Poster
Rep: Reputation: Disabled
I changed the permissions as mentioned by acid_kewpie.
But it does not resolved my problem.

Also i am surprised, why it is working only for one way as i have implemented same steps on both servers.

Last edited by niranjan741; 01-22-2014 at 04:06 AM.
 
Old 01-22-2014, 04:17 AM   #7
NevemTeve
Senior Member
 
Registered: Oct 2011
Location: Budapest
Distribution: Debian/GNU/Linux, AIX
Posts: 1,939

Rep: Reputation: 524Reputation: 524Reputation: 524Reputation: 524Reputation: 524Reputation: 524
To help debugging copy+paste the output of this command (on both computer):

Code:
ls -ld ~/.ssh ~/.ssh/authorized_keys
 
Old 01-22-2014, 04:46 AM   #8
niranjan741
LQ Newbie
 
Registered: Jan 2014
Posts: 10

Original Poster
Rep: Reputation: Disabled
On AIX machine:


Code:
drwx------   2 <username> <group>         256 Jan 22 14:01 /home/db2inst1/.ssh
-rw-------   1 <username> <group>         398 Jan 22 13:50 /home/db2inst1/.ssh/authorized_keys

On Linux machine:
Code:
drwx------. 2 <username> <group>         4096 Jan 22 14:38 /home/sybasedev/.ssh
-rw-------  1 <username> <group>          397 Jan 22 14:38 /home/sybasedev/.ssh/authorized_keys

Last edited by niranjan741; 01-23-2014 at 12:37 AM.
 
Old 01-22-2014, 04:59 AM   #9
NevemTeve
Senior Member
 
Registered: Oct 2011
Location: Budapest
Distribution: Debian/GNU/Linux, AIX
Posts: 1,939

Rep: Reputation: 524Reputation: 524Reputation: 524Reputation: 524Reputation: 524Reputation: 524
I don't like that "." at the end of "drwx------." Maybe you have ACL or SeLinux or someshit else that wants to 'help' you...
Try this:

Code:
cd ~
mv .ssh .sshold
mkdir .ssh
chmod 0700 .ssh
cp -a .sshold/* .ssh/
ls -ld .ssh .ssh/authorized_keys

Last edited by NevemTeve; 01-23-2014 at 04:32 AM. Reason: Off-topic deleted
 
Old 01-22-2014, 05:21 AM   #10
niranjan741
LQ Newbie
 
Registered: Jan 2014
Posts: 10

Original Poster
Rep: Reputation: Disabled
I changed it accordingly
FYI....
Code:
drwx------ 2 <username> <group> 4096 Jan 22 15:43 .ssh
-rw------- 1 <username> <group> 397 Jan 22 14:38 .ssh/authorized_keys
But still it does'nt work for me.

Last edited by niranjan741; 01-23-2014 at 12:39 AM.
 
Old 01-22-2014, 05:29 AM   #11
NevemTeve
Senior Member
 
Registered: Oct 2011
Location: Budapest
Distribution: Debian/GNU/Linux, AIX
Posts: 1,939

Rep: Reputation: 524Reputation: 524Reputation: 524Reputation: 524Reputation: 524Reputation: 524
Better. How about your own home-directory?

Code:
ls -ld ~
Have you checked /etc/ssh/sshd_config in your linux? There should be sg like this:

Code:
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys
Can you see any error message in file /var/log/auth.log?

Last edited by NevemTeve; 01-23-2014 at 04:33 AM. Reason: off-topic deleted
 
Old 01-22-2014, 05:56 AM   #12
niranjan741
LQ Newbie
 
Registered: Jan 2014
Posts: 10

Original Poster
Rep: Reputation: Disabled
I checked it. It is commented in the file.

Code:
#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile     .ssh/authorized_keys
#AuthorizedKeysCommand none
#AuthorizedKeysCommandRunAs nobody
Do i need to change it? Also if i changed it, do i need to reboot server?

Last edited by niranjan741; 01-23-2014 at 12:39 AM.
 
Old 01-22-2014, 06:01 AM   #13
niranjan741
LQ Newbie
 
Registered: Jan 2014
Posts: 10

Original Poster
Rep: Reputation: Disabled
One more thing....
I checked the same file on AIX machine also.
There also these lines are commented. But still i am able to connect from Linux to Aix without password.

FYI...
Code:
#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile     .ssh/authorized_keys

Last edited by niranjan741; 01-23-2014 at 12:40 AM.
 
Old 01-22-2014, 06:07 AM   #14
NevemTeve
Senior Member
 
Registered: Oct 2011
Location: Budapest
Distribution: Debian/GNU/Linux, AIX
Posts: 1,939

Rep: Reputation: 524Reputation: 524Reputation: 524Reputation: 524Reputation: 524Reputation: 524
Even if commented out, they mean that this is the default value, so it could be okay.
How about the other parts of my previous message?
(Always read the whole text, please, not only some lines.)
 
Old 01-22-2014, 06:22 AM   #15
niranjan741
LQ Newbie
 
Registered: Jan 2014
Posts: 10

Original Poster
Rep: Reputation: Disabled
Linux machine:
Code:
ls -ld ~
drwxrwxrwx. 37 <username> <group> 4096 Jan 22 15:42 /home/sybasedev
AIX machine:
Code:
$ ls -ld ~
drwxr-xr-x   8 <username> <group> 4096 Jan 21 16:49 /home/db2inst1
Is there any other way so that i can pass password for sftp into script?

Last edited by niranjan741; 01-23-2014 at 12:41 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
SFTP from windows to Linux server sras Linux - General 3 11-18-2013 08:08 AM
Sftp connection between Windows server and linux server vikash.thbs Linux - Server 2 01-02-2012 11:25 AM
cannot login into SFTP server using Net::SFTP cccc Programming 1 10-31-2007 07:23 AM
Files truncated by sftp/sftp-server at 65kb gato Linux - Networking 1 12-18-2003 11:29 AM


All times are GMT -5. The time now is 08:10 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration