LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices



Reply
 
Search this Thread
Old 02-16-2005, 01:57 AM   #1
exodist
Senior Member
 
Registered: Aug 2003
Location: Portland, Oregon
Distribution: Gentoo
Posts: 1,372

Rep: Reputation: 46
ssh keys


I have 2 systems I wish to use ssh on from one another using keys so I will not need to enter a password.

I have done this several times with no issues.

I am not a newb no need to water it or baby it down at all

problem:

After setting up the keys I can ssh from compA to compB, but it requires the password. From compB trying to reach compA it immediately closes the connection.

Tried removing the keys and it works fine, but requires passwords (duh)

everything in .ssh is chmod 600 on both systems

both systems have the same public and private keys for dsa, rsa, and identity
both have the proper authorized_keys file with the publix key for each of the above inside it.

the keys work fine when connecting to a 3'rd remote computer with the exact same authorized_keys file, by work I mean ssh connects and does not prompt for a password

both comps have exact copies of .ssh/ under same username

both can connect to the third comp (I have no control of system and cannot upload my private keys to test it connecting to A and B)

both have same config files and ssh versions:


Code:
#	$OpenBSD: ssh_config,v 1.19 2003/08/13 08:46:31 markus Exp $

# This is the ssh client system-wide configuration file.  See
# ssh_config(5) for more information.  This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.

# Configuration data is parsed as follows:
#  1. command line options
#  2. user-specific file
#  3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.

# Site-wide defaults for various options

# Host *
#   ForwardAgent no
   ForwardX11 yes
   RhostsRSAAuthentication yes
   RSAAuthentication yes
   PasswordAuthentication yes
#   HostbasedAuthentication no
#   BatchMode no
#   CheckHostIP yes
#   AddressFamily any
#   ConnectTimeout 0
   StrictHostKeyChecking no
   IdentityFile ~/.ssh/identity
   IdentityFile ~/.ssh/id_rsa
   IdentityFile ~/.ssh/id_dsa
#   Port 22
#   Protocol 2,1
#   Cipher 3des
#   Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
#   EscapeChar ~
Code:
#	$OpenBSD: sshd_config,v 1.69 2004/05/23 23:59:53 dtucker Exp $

# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options change a
# default value.

#Port 22
Protocol 2
#ListenAddress 0.0.0.0
#ListenAddress ::

# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key

# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 768

# Logging
#obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO

# Authentication:

#LoginGraceTime 2m
PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6

RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile	.ssh/authorized_keys

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no

# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes

# Set this to 'yes' to enable PAM authentication, account processing, 
# and session processing. If this is enabled, PAM authentication will 
# be allowed through the ChallengeResponseAuthentication mechanism. 
# Depending on your PAM configuration, this may bypass the setting of 
# PasswordAuthentication, PermitEmptyPasswords, and 
# "PermitRootLogin without-password". If you just want the PAM account and 
# session checks to run without PAM authentication, then enable this but set 
# ChallengeResponseAuthentication=no
#UsePAM no

AllowTcpForwarding yes
#GatewayPorts no
X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression yes
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10

# no default banner path
#Banner /some/path

# override default of no subsystems
Subsystem	sftp	/usr/lib/misc/sftp-server
as far as I remember having set it up several times before everything is correct.

Any help would be appreciated.
 
Old 02-16-2005, 02:13 AM   #2
angrybeaver
Member
 
Registered: Aug 2004
Location: .au
Distribution: debian, BSD
Posts: 104

Rep: Reputation: 16
I thought it may be a versioning problem with the cypher type you're using to generate the key, but you're using the same version, so I dunno. you could run up sshd on both ends in very verbose debug mode. It should give you some clues as to why its rejecting the empty passphrase. have you tried that yet?
 
Old 02-16-2005, 09:47 AM   #3
exodist
Senior Member
 
Registered: Aug 2003
Location: Portland, Oregon
Distribution: Gentoo
Posts: 1,372

Original Poster
Rep: Reputation: 46
I have not tried that, I will though
 
Old 02-16-2005, 11:16 AM   #4
exodist
Senior Member
 
Registered: Aug 2003
Location: Portland, Oregon
Distribution: Gentoo
Posts: 1,372

Original Poster
Rep: Reputation: 46
it shows that ssh (even after recompile) segfaults as soon as a connection is attempted.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
SSH keys alon005 Linux - Security 5 10-14-2004 04:39 AM
ssh keys merchtemeagle Linux - Newbie 4 10-12-2004 01:12 AM
ssh keys Lucasite Linux - Security 2 03-11-2004 01:43 PM
Configuring SSH to accept only keys (already have keys) fr0st Linux - Security 3 11-04-2003 04:31 AM
SSh Keys shaggz Linux - General 2 02-19-2003 10:09 PM


All times are GMT -5. The time now is 06:46 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration