ssh keys - no password issue
HI,
I have setup this before, and never had an issue but this is the first time I cannot get it to work. Here are the permissions for authorized_keys -rw-r--r-- 1 user1 user1 624 Oct 8 14:16 authorized_keys I copied over the id_dsa.pub to this server and changed it to the authorized_keys file. here are the permissions for the .ssh directory drwx------ 2 user1 user1 4096 Oct 8 14:19 .ssh but when I ssh to that box it still asks for the password. Any ideas? I greatly appreciate it thanks |
Hi,
Code:
-rw-r--r-- 1 user1 user1 624 Oct 8 14:16 authorized_keys Code:
chmod 0600 ~/.ssh/authorized_keys |
have you looked at /var/log/auth.log on the server for any errors associated with the login?
are there restrictions in /etc/ssh/sshd_config on the server? when were the keys generated (ie, are you sure the private and public key match)? what are the permissions on the private key of the client (should be -rw-------)? |
Quote:
I think You should put here more detailed informations. Type of the key (dsa, rsa) etc.etc. ? Did You changed something in /etc/ssh/sshd_conf ? check if You have enabled authorized_keys Usually its not a problem with permissions, but with software configuration. |
Quote:
If OP has not changed the default configuration of /etc/sshd_conf file and followed this simple procedure, it should work. @OP Please let us know the contents of /etc/sshd_conf file |
Quote:
Try that did not work Thanks though |
Quote:
I have not but does not mean someone else did not I am looking now. Here are the options: #Port 22 #Protocol 2,1 #ListenAddress 0.0.0.0 #ListenAddress :: # HostKey for protocol version 1 #HostKey /etc/ssh/ssh_host_key # HostKeys for protocol version 2 #HostKey /etc/ssh/ssh_host_rsa_key #HostKey /etc/ssh/ssh_host_dsa_key # Lifetime and size of ephemeral version 1 server key #KeyRegenerationInterval 1h #ServerKeyBits 768 # Logging #obsoletes QuietMode and FascistLogging #SyslogFacility AUTH SyslogFacility AUTHPRIV #LogLevel INFO # Authentication: #LoginGraceTime 2m PermitRootLogin yes #StrictModes yes #MaxAuthTries 6 RSAAuthentication yes PubkeyAuthentication yes AuthorizedKeysFile .ssh/authorized_keys # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts #RhostsRSAAuthentication no # similar for protocol version 2 #HostbasedAuthentication no # Change to yes if you don't trust ~/.ssh/known_hosts for # RhostsRSAAuthentication and HostbasedAuthentication #IgnoreUserKnownHosts no # Don't read the user's ~/.rhosts and ~/.shosts files #IgnoreRhosts yes # To disable tunneled clear text passwords, change to no here! #PasswordAuthentication yes #PermitEmptyPasswords no PasswordAuthentication yes # Change to no to disable s/key passwords #ChallengeResponseAuthentication yes ChallengeResponseAuthentication no # Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes #KerberosGetAFSToken no # GSSAPI options #GSSAPIAuthentication no GSSAPIAuthentication yes #GSSAPICleanupCredentials yes GSSAPICleanupCredentials yes # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication mechanism. # Depending on your PAM configuration, this may bypass the setting of # PasswordAuthentication, PermitEmptyPasswords, and # "PermitRootLogin without-password". If you just want the PAM account and # session checks to run without PAM authentication, then enable this but set # ChallengeResponseAuthentication=no #UsePAM no UsePAM yes #AllowTcpForwarding yes #GatewayPorts no #X11Forwarding no X11Forwarding yes #X11DisplayOffset 10 #X11UseLocalhost yes #PrintMotd yes #PrintLastLog yes #TCPKeepAlive yes #UseLogin no #UsePrivilegeSeparation yes #PermitUserEnvironment no #Compression yes #ClientAliveInterval 0 #ClientAliveCountMax 3 #UseDNS yes #PidFile /var/run/sshd.pid #MaxStartups 10 #ShowPatchLevel no # no default banner path #Banner /some/path # override default of no subsystems Subsystem sftp /usr/libexec/openssh/sftp-server Also i am using DSA keys |
btw if I try to do it from other server I really want to setup ssh keys with no password on both sides. I get an error
ssh inform@servers Connection closed by server1 If i remove the authorized.key file on remote server i can ssh but then asks me for password. |
Quote:
I just generated the files last week, and i do not have a /var/log/auth.log file on either server, the remote or client |
Hi
Code:
#Port 22 Did you try with RSA keys. As you are using RSAAuthentication yes |
Quote:
|
Woot using RSA keys worked!!!
Thanks a lot... Out of curiosity did it not work with DSA because there was no entry for it in sshd_config? Just so I know for future |
Quote:
|
All times are GMT -5. The time now is 05:26 PM. |