LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 01-02-2007, 10:35 AM   #1
ignignokt
LQ Newbie
 
Registered: Sep 2006
Posts: 19

Rep: Reputation: 0
SCP without Password help


Im trying to send a file in a script from one Solaris box to another. I used the following commands to set up the ssh but I am still being prompted for a password.

Code:
ssh-keygen -t rsa
ssh-keygen -t dsa
cat id_dsa.pub > authorized_keys
cat id_rsa.pub >> authorized_keys
rm id_dsa.pub id_rsa.pub
chmod 700 authorized_keys
Then I sent authorized_keys to the remote server's / .ssh directory. Im still being asked for the pass.

The user on the origin server is root and the user on the remote server is oracle. Do they have to be the same user on both machines?
 
Old 01-02-2007, 11:00 AM   #2
theNbomr
LQ 5k Club
 
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,395
Blog Entries: 2

Rep: Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903
I think the permissions on your authorized_keys file should be 600. You will have to set this at the remote end after copying the file. I usually copy the key file only, then perform the copy-append at the remote end, so that any prior keys are not overwritten.

I've never used both rsa & dsa encryption, only one or the other. Not sure if that is a problem.

The authorized_keys file must be owned by the uid that will be using it, oracle, in your case.

--- rod.
 
Old 01-02-2007, 11:03 AM   #3
ignignokt
LQ Newbie
 
Registered: Sep 2006
Posts: 19

Original Poster
Rep: Reputation: 0
thanks for the reply. so on the remote machine, the authorized_keys file should be in the folder "export/home/oracle/.ssh" correct?
 
Old 01-02-2007, 11:59 AM   #4
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
You generated your keys in a rather bad way. The way you did it could have overwritten the local user's authorized_keys file, depending on what directory you're in. The correct way to do it is like:
Code:
host1 ~# ssh-keygen -t rsa
host1 ~# scp .ssh/id_rsa.pub user@host2:host1_id_rsa.pub
host1 ~# ssh user@host2
host2 ~$ mkdir .ssh
host2 ~$ chmod 700 .ssh
host2 ~$ cd .ssh
host2 .ssh$ mv ../host1_id_rsa.pub ./
host2 .ssh$ cat host1_id_rsa >> authorized_keys
host2 .ssh$ chmod 600 authorized_keys
In order to not be prompted for a password, you need to generate the key (with ssh-keygen) without a passphrase. That means when it prompts you for a passphrase while creating the key, just hit <enter> twice. If you have already created the key with a passphrase, you can use ssh-keygen -p -f ~/.ssh/id_rsa to change the passphrase. You don't need to do anything with the public key after you change the passphrase on the private key. The passphrase is only to unlock the private key so you can use it. NB: if you have a private key w/o a passphrase, that means anyone who can copy that private key can login as you to any machines that have your public key! Make sure that you protect your private key very well.

Last edited by chort; 01-02-2007 at 12:01 PM.
 
  


Reply

Tags
ssh public key, sshkeygen


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
scp, how to pass password in script ebel.velda Linux - Software 4 07-17-2007 05:13 PM
scp without password not reliable joanna Linux - Security 2 12-17-2005 10:23 PM
Include scp password in command cli_man Linux - General 1 08-05-2005 03:47 PM
scp, don't prompt password!! dlublink Linux - Networking 1 01-03-2005 12:54 PM
scp and no password mikeyt_333 Linux - General 2 03-26-2002 03:33 PM


All times are GMT -5. The time now is 12:05 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration