LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 07-16-2004, 07:49 PM   #1
mijohnst
Member
 
Registered: Nov 2003
Location: Huntsville, AL
Distribution: RHEL, Solaris, OSX, SuSE
Posts: 401

Rep: Reputation: 31
ssh-keygen problem


I have a cluster system using NIS and I can't seem to get the ssh keys to work with users anymore. Up until last week I could get this to work, but now I can't. Older users that I added keys for still continue to work fine, just not any new users. This is what I've been doing. Maybe someone can tell me if they see something I'm doing wrong...

###########################################
1. useradd mike
2. passwd mike
3. su mike
4. cd ~
5. ssh-keygen -b 1024 -t rsa (hit enter through all optons)
6. cd .ssh
7. cp id_rsa.pub authorized_keys
8. cp /root/knownhosts . (this is a list of known hosts)
9. cd /var/yp
10. make
###########################################

After this, the users used to be able to type "ssh node1" or any node and it would allow them to login with no password. Now when any new user does that it asks for a password. Above is what I've done for everyone else before and it always worked. Can someone see what might be wrong? Thanks!
 
Old 07-16-2004, 08:35 PM   #2
avarus
Member
 
Registered: Apr 2004
Location: Oxford, UK
Distribution: Ubuntu, Debian, various
Posts: 230
Blog Entries: 5

Rep: Reputation: 32
Anything useful popping up when you run verbose mode (ssh -v node1)?
 
Old 07-18-2004, 01:10 AM   #3
mijohnst
Member
 
Registered: Nov 2003
Location: Huntsville, AL
Distribution: RHEL, Solaris, OSX, SuSE
Posts: 401

Original Poster
Rep: Reputation: 31
Good Point Avarus. I'll try that on Monday when I get back to work. Thanks for the tip...
 
Old 07-19-2004, 04:05 PM   #4
mijohnst
Member
 
Registered: Nov 2003
Location: Huntsville, AL
Distribution: RHEL, Solaris, OSX, SuSE
Posts: 401

Original Poster
Rep: Reputation: 31
Okay, I've run the -v option using SSH and tried comparing an account that works against one that does not and this is what I've come up with. Below, I'm starting with where the lines become different between both users.

# debug1: Authentication that can continue: publickey, password, keyboard-interactive
# debug1: next auth method is publickey
# debug1: try privkey: /home/user2/.ssh/identify
# debug1: try publickey: /home/user2/.ssh/id_rsa
# debug1: Authentication that can continue: publickey, password, keyboard-interactive
# debug1: try privkey: /home/user2/.ssh/id_dsa
# debug1: next auth method is to try keyboard-interactive
# debug1: Authentication that can continue: publickey, password, keyboard-interactive
# debug1: next auth method is to try password

I see the problem is slapping me in the face, but I can't figure out why... All the files that I have in the .ssh directory are known_hosts, id_rsa, id_rsa.pub and authorized_keys.

Any direction to look would be great.

Last edited by mijohnst; 07-19-2004 at 04:19 PM.
 
Old 07-20-2004, 12:50 PM   #5
mijohnst
Member
 
Registered: Nov 2003
Location: Huntsville, AL
Distribution: RHEL, Solaris, OSX, SuSE
Posts: 401

Original Poster
Rep: Reputation: 31
Hum.. I think I'm narrowing it down to an NIS problem. When I do a 'ypcat passwd' on any node I don't see the names of the new accounts I created...

I also looked into the /etc/sysconfig/network and saw that the NISDOMAIN was different on my master node then it was on my slave nodes.

I've changed them all to be on the correct NIS domains now, but is there a way that I can restart the NISDOMAIN without having to reboot every node?

Last edited by mijohnst; 07-20-2004 at 01:12 PM.
 
Old 07-20-2004, 02:00 PM   #6
mijohnst
Member
 
Registered: Nov 2003
Location: Huntsville, AL
Distribution: RHEL, Solaris, OSX, SuSE
Posts: 401

Original Poster
Rep: Reputation: 31
I figured it all out. The only reason I'm post is just in case anyone else has the problem.

It turns out that my nodes weren't on the correct NIS domain. After typing "domainserver mydomainname" and restarting the ypbind it started working again.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ssh-agent, ssh-add and ssh-keygen AND CVS raylpc Linux - General 2 11-19-2008 03:50 AM
problem with SSH-KEYGEN with some server ohgin Linux - Newbie 1 08-17-2005 11:35 AM
how can i create a ssh-keygen for user?? yenonn Linux - General 1 06-14-2005 11:37 PM
How to ssh-keygen? Baran Linux - Networking 5 04-26-2005 03:40 PM
sftp and ssh-keygen help please grayhost Linux - Newbie 2 06-26-2003 06:51 PM


All times are GMT -5. The time now is 07:36 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration