passwordless ssh problem

blckspder · 03-03-2009, 09:21 AM

Hello, Ive been looking around the forum and havent come across a solution for my problem.

I am trying to setup a passwordless ssh connection between 2 servers so I can use rsync. I generated the keys and set everything up like the dozens of tutorials say too but it still prompts for a password here is the debug out put:

PHP Code:



OpenSSH_4.7p1, OpenSSL 0.9.8b 04 May 2006 
debug1: Reading configuration data /etc/ssh/ssh_config 
debug1: Applying options for * 
debug1: Connecting to www.xxx-xxx.com [192.168.111.250] port xx. 
debug1: Connection established. 
debug1: identity file /home/synco/.ssh/identity type -1 
debug1: identity file /home/synco/.ssh/id_rsa type -1 
debug1: identity file /home/synco/.ssh/id_dsa type 2 
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.5 
debug1: match: OpenSSH_4.5 pat OpenSSH* 
debug1: Enabling compatibility mode for protocol 2.0 
debug1: Local version string SSH-2.0-OpenSSH_4.7 
debug1: SSH2_MSG_KEXINIT sent 
debug1: SSH2_MSG_KEXINIT received 
debug1: kex: server->client aes128-cbc hmac-md5 none 
debug1: kex: client->server aes128-cbc hmac-md5 none 
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent 
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP 
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent 
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY 
debug1: checking without port identifier 
The authenticity of host '[www.xxx-xxx.com]:xx 
([192.168.111.250]:31234)' can't be established. 
RSA key fingerprint is 74:18:dd:69:71:ce:96:ad:22:aa:ce:06:23:88:9b:9e. 
Are you sure you want to continue connecting (yes/no)? yes 
Failed to add the host to the list of known hosts (/home/synco/.ssh/known_hosts). 
debug1: ssh_rsa_verify: signature correct 
debug1: SSH2_MSG_NEWKEYS sent 
debug1: expecting SSH2_MSG_NEWKEYS 
debug1: SSH2_MSG_NEWKEYS received 
debug1: SSH2_MSG_SERVICE_REQUEST sent 
debug1: SSH2_MSG_SERVICE_ACCEPT received 
debug1: Authentications that can continue: publickey,gssapi-with-mic,password 
debug1: Next authentication method: gssapi-with-mic 
debug1: Unspecified GSS failure.  Minor code may provide more information 
No credentials cache found 
 
debug1: Unspecified GSS failure.  Minor code may provide more information 
No credentials cache found 
 
debug1: Unspecified GSS failure.  Minor code may provide more information 
 
 
debug1: Next authentication method: publickey 
debug1: Trying private key: /home/synco/.ssh/identity 
debug1: Trying private key: /home/synco/.ssh/id_rsa 
debug1: Offering public key: /home/synco/.ssh/id_dsa 
debug1: Authentications that can continue: publickey,gssapi-with-mic,password 
debug1: Next authentication method: password 
synco@www.xxx-xxx.com's password:

Any help would be greatly appreciated! Thanks.

chitambira · 03-03-2009, 09:41 AM

which ssh client are you using? did you load your private key first?

wsduvall · 03-03-2009, 09:45 AM

You should also check the permissions on .ssh and .ssh/known_hosts. I've had problems with that before... I always uses the command ssh-copy-id to put my key on the server to ensure correct permissions. Also, are you using DSA or RSA keys?

mfons · 03-03-2009, 09:59 AM

In my case, it was perms fault:

These are the steps I've followed with no problems for root user:
1. In /root/.ssh/ generate keys:
ssh-keygen -b 1024 -t rsa1
ssh-keygen -b 1024 -t rsa
ssh-keygen -b 1024 -t dsa

These commands generate the files: identity.pub, id_rsa.pub and id_dsa.pub

2. Generate a file with those 3 files:
cat identity.pub > keypub.host.root
cat id_rsa.pub >> keypub.host.root
cat id_dsa.pub >> keypub.host.root

3. scp >> keypub.host.root host_destiny:/root/.ssh/

4. Add to authorized_keys
cat keypub.host.root >> /root/.ssh/authorized_keys

5. Check on destiny: perms on /root are set to 750
6. Check on destiny: perms on /root/.ssh are set to 700
7. Check on destiny: perms on /root/.ssh/authorized_keys are set to 644

Then you'll be able to ssh destiny without passwd with user root

blckspder · 03-03-2009, 01:55 PM

Thanks for the replies. I followed this little tutorial:
http://blog.rvdavid.net/instant-or-p...-ing-in-linux/

It used dsa keys.

mfons, thanks for the quick tutorial, I will try it out and see how it works, Ill let you know thanks again.

chitambira · 03-04-2009, 03:29 AM

ssh and rsync:
http://www.howtomonster.com/2007/08/...automatically/
http://troy.jdmz.net/rsync/index.html
http://everythinglinux.org/rsync/

blckspder · 03-05-2009, 09:29 AM

chitambira,

Thanks for the post, the first link you supplied worked like a charm!
http://www.howtomonster.com/2007/08/...automatically/