LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 03-27-2013, 03:34 PM   #1
alaios
Senior Member
 
Registered: Jan 2003
Location: Aachen
Distribution: Opensuse 11.2 (nice and steady)
Posts: 2,185

Rep: Reputation: 45
ssh-copy-id fails. How to start from scratch


Dear all,
I am trying to use this simple guide to copy the keys
http://www.thegeekstuff.com/2008/11/...n-ssh-copy-id/

but it looks like that I am doing something wrong so even when I do the copy of the key I keep being asked for a password when I am connecting to the remote server.

I guess the easier would be to help me "start from scratch" as I might be having mixed a bit the files.

If that helps I give a bit of command line history, but as said it would be easier if I start from scratch, rather than trying to fix things
(have to edit a bit the history output to hide some stuff)

Code:
host:/home/user # ssh-copy-id -i id_rsa.pub user@remoteHost
/usr/bin/ssh-copy-id: ERROR: No identities found
host:/home/user # cd /root/.s
.skel/       .ssh/        .subversion/ 
host:/home/user # cd /root/.ssh/
host:~/.ssh # ls
id_rsa.pub  known_hosts  known_hosts.old
host:~/.ssh # ssh-copy-id -i id_rsa.pub user@remoteHost
Password: 
Now try logging into the machine, with "ssh 'user@remoteHost'", and check in:

  ~/.ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

host:~/.ssh # ssh user@remoteHost
Password:    HERE IS THE PART THAT I STILL NEED TO GIVE PASSWORD
Last login: Wed Mar 27 19:56:33 2013 from remoteHostPartHidden
Have a lot of fun...
user@remoteHost:~> exit
 
Old 03-27-2013, 06:53 PM   #2
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.8, Centos 5.10
Posts: 17,258

Rep: Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328
Keys are user specific; you have to copy your current user's key to the remote user's acct, where the local and remote user must be the same.
Do it as that user.

Also check '#AuthorizedKeysFile .ssh/authorized_keys' in /etc/ssh/sshd_config in target server.

Last edited by chrism01; 03-27-2013 at 06:56 PM.
 
Old 03-27-2013, 09:20 PM   #3
lleb
Senior Member
 
Registered: Dec 2005
Location: Florida
Distribution: CentOS/Fedora
Posts: 2,630

Rep: Reputation: 495Reputation: 495Reputation: 495Reputation: 495Reputation: 495
Code:
###### DIRECTIONS FOR CREATING RSA KEY################

	Directions for creating the rsa key and making the two
 servers talk to each other without password.

	1st change directory into .ssh and check what files are there.

 		[rx30@rx30 ~]$ cd .ssh
		[rx30@rx30 .ssh]$ ls -l
		total 4
		-rw-r--r-- 1 rx30 group 2980 Jun 13 12:02 known_hosts

	2nd create the rsa key.

		[rx30@rx30 .ssh]$ ssh-keygen -t rsa -b 4096
		Generating public/private rsa key pair.
		Enter file in which to save the key (/usr/rx30/.ssh/id_rsa):
		Enter passphrase (empty for no passphrase):
		Enter same passphrase again:
		Your identification has been saved in /usr/rx30/.ssh/id_rsa.
		Your public key has been saved in /usr/rx30/.ssh/id_rsa.pub.
		The key fingerprint is:
		cb:b0:40:c6:e9:f4:9e:f5:71:fc:c3:00:c0:f7:c6:75 rx30@rx30.localdomain

	3rd check that there are two new files with the following permissions

		[rx30@rx30 .ssh]$ ls -l
		total 12
		-rw------- 1 rx30 group 3243 Jun 22 15:50 id_rsa
		-rw-r--r-- 1 rx30 group  743 Jun 22 15:50 id_rsa.pub
		-rw-r--r-- 1 rx30 group 2980 Jun 13 12:02 known_hosts
	
	4th change directory back to the users $HOME

		[rx30@rx30 .ssh]$ cd

	5th copy the key to the remote server

		[rx30@rx30 ~]$ ssh-copy-id -i ~/.ssh/id_rsa.pub rx30@XXX.XXX.XXX.XXX
		25
		rx30@XXX.XXX.XXX.XXX's password:
		Now try logging into the machine, with "ssh 'rx30@XXX.XXX.XXX.XXX'", and check in:

		.ssh/authorized_keys

		to make sure we haven't added extra keys that you weren't expecting.

	6th, follow directions on the screen.

		[rx30@rx30 ~]$ ssh rx30@XXX.XXX.XXX.XXX
		Last login: Fri Jun 22 14:12:08 2012 from 10.10.4.77
		[rx30@rx30 ~]$ exit
		logout
		Connection to XXX.XXX.XXX.XXX closed.
 
Old 03-27-2013, 10:40 PM   #4
shivaa
Senior Member
 
Registered: Jul 2012
Location: Grenoble, Fr.
Distribution: Sun Solaris, RHEL, Ubuntu, Debian 6.0
Posts: 1,800
Blog Entries: 4

Rep: Reputation: 286Reputation: 286Reputation: 286
Once check it out here.

You can copy the keys to remote machine as follow:
Code:
~$ cat ~/.ssh/id_rsa.pub | ssh user@remotehost 'cat >> ~/.ssh/authorized_keys'
 
Old 03-27-2013, 10:59 PM   #5
evo2
LQ Guru
 
Registered: Jan 2009
Location: Japan
Distribution: Mostly Debian and Scientific Linux
Posts: 5,753

Rep: Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288
Hi,

instead of us just guessing what is going on, please run ssh in verbose mode:

Code:
ssh -vvv user@remoteHost
Also if you have access to it, have a look at what the sshd on remoteHost is logging.

If you can't read the log of sshd on remoteHost you can start another instance of sshd in debug mode on a high port and try to ssh to that. Eg

On remoteHost:
Code:
/usr/sbin/sshd -d -p 66666
Then on your local machine
Code:
ssh -p 66666 -vvv user@remoteHost
Have a look at what your sshd spits out to the terminal.

HTH,

Evo2.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Installation of Sysvinit-2.86 fails on Cross Linux From Scratch LUB997 Programming 1 07-20-2009 02:25 AM


All times are GMT -5. The time now is 08:00 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration