LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices



Reply
 
Search this Thread
Old 07-11-2006, 11:58 PM   #1
matticus
LQ Newbie
 
Registered: Jun 2006
Location: Perth, AUS
Distribution: SuSE 10.1
Posts: 25

Rep: Reputation: 15
ssh passwordless question


Hi all,
I've read alot of documentation on the ssh key stuff but I am unable to get a passwordless login to my server. I have given my public keys over to the other side. I think the issue is that the server uses the ssh protocal with a .ssh2/ file extension and my client machine has the standard .shh/ extension. I created a lookalike set of directories on the server and put the public key there but still can't access it without a password. any ideas anyone?
 
Old 07-12-2006, 02:12 AM   #2
rhoekstra
Member
 
Registered: Aug 2004
Location: The Netherlands
Distribution: RedHat 2, 3, 4, 5, Fedora, SuSE, Gentoo
Posts: 360

Rep: Reputation: 41
Do both systems have Linux on it ?

if so, you probably need .ssh on both machines. Also, I assume you have created an ssh2 key (nowadays on modern Linux boxes you need to explicitely tell ssh-keygen to create an ssh1 key, so unless you know better, it's likely you have an ssh2 key)?

I don't know if you have renamed your private key to some custom name. If so, fire ssh like 'ssh -i <private key file> -l <user> <hostname>'.

On the destination machine, you should also have a .ssh directory, relative to your homedir (so: ~/.ssh), with therein the file authorized_keys2.

The rights on the files are critical..

your .ssh directory can better be no other than mode 0700, as well as your authorized_keys2 file. They don't need to be this mode both per say, but I 'm unable to remember which needs this, so I put it on both).

Try if you already have done these and see if it works.

Remember to put a passphrase on the private key (unless it's a machine auto-ssh key for cronjobs) for security reasons. you can even use ssh-agent for entering your passphrase once per login session.
 
Old 07-12-2006, 03:15 AM   #3
fotoguy
Senior Member
 
Registered: Mar 2003
Location: Brisbane Queensland Australia
Distribution: KirraMail Live Email Server
Posts: 1,281

Rep: Reputation: 61
You also need to edit the sshd_config file on the server to allow empty passwords
 
Old 07-12-2006, 03:43 AM   #4
rhoekstra
Member
 
Registered: Aug 2004
Location: The Netherlands
Distribution: RedHat 2, 3, 4, 5, Fedora, SuSE, Gentoo
Posts: 360

Rep: Reputation: 41
in my opinion, the ssh with keys do not render passwords to be empty.. I haven't changed sshd_config for this any time.
 
Old 07-12-2006, 04:45 AM   #5
fotoguy
Senior Member
 
Registered: Mar 2003
Location: Brisbane Queensland Australia
Distribution: KirraMail Live Email Server
Posts: 1,281

Rep: Reputation: 61
Yes you are correct you don't need to touch the sshd_config file. Here's a script I wrote a while back that may find help.

############################################################
#!/bin/bash
USER="bill"
ADDRESS="192.168.1.15"
PORT="22"
NEWKEY="yes"

keygen () {
if [ $NEWKEY == "yes" ]; then
ssh-keygen -t dsa -f ~/.ssh/id_dsa
fi
}

checkfile () {
if [ -f ~/.ssh/authorized_keys2 ]; then
touch ~/.ssh/authorized_keys2
fi
}

# First let create the directory on the remote host them upload the certificate.
sshupload () {
cat ~/.ssh/id_dsa.pub | ssh -p $PORT $USER@$ADDRESS 'sh -c "mkdir ~/.ssh && cat - >>~/.ssh/authorized_keys2 && chmod 600 ~/.ssh/authorized_keys2"'
}

## Our Main Menu
press_enter () {
echo ""
echo -n "Press Enter to continue"
read
clear
}

selection=
until [ "$selection" = "0" ]; do
echo ""
echo "SSH Keygen PROGRAM MENU"
echo "1 - Generate & Upload New Key"
echo "2 - Upload Old Key"
echo ""
echo "0 - exit program"
echo ""
echo -n "Enter selection: "
read selection
echo ""
case $selection in
1 ) checkfile ; keygen ; sshupload ;;
2 ) sshupload ;;
0 ) exit ;;
* ) echo "Please enter 1, 2 or 0"; press_enter
esac
done

exit 0
############################################################
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Setting up passwordless ssh blackdragonblood Linux - Networking 34 07-24-2008 04:29 AM
Passwordless SSH with SSH commercial server and open ssh cereal83 Linux - General 7 04-18-2006 01:34 PM
Can't get passwordless ssh working thorney Linux - Networking 3 11-27-2005 11:08 PM
Ssh passwordless : Urgent muneebs123 Linux - Security 23 06-21-2005 09:26 PM
Regarding Passwordless SSH nedian123 Linux - Software 1 08-05-2004 06:07 PM


All times are GMT -5. The time now is 08:05 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration