SSH to work without a password between CentOS & Cygwin
Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Location: Northeastern Michigan, where Carhartt is a Designer Label
Distribution: Slackware 32- & 64-bit Stable
Posts: 3,541
Rep:
When you generated the keys (with ssh-keygen) did you hit the return for the pass phrase?
Did you copy the "doy-pub" file to the other machine and save it in authorized_keys in the ~/.ssh directory?
Do you have a ~/.ssh/conf file containing, roughly, this
Code:
Host hostname-of-the-other-machine
Compression yes
Protocol 2,1
User user-name-on-the-other-machine
Host *
ForwardX11 no
The conf file is not necessary, but it makes life a little easier; it's local to this user, not system-wide.
Can you simply
Code:
ssh hostname
and get a connection (in both directions)?
Do you have the host names in /etc/hosts (it looks like you're using fixed-IP)? The form is
Code:
address host.domain host
Trick: when you generate the keys, copy the dot-pub file to a file named host (where "host" is the name of this machine); that way, you won't accidentally overwrite the dot-pub on the other one.
Looking at your debug output, you haven't specified the user name. I would noramlly expect to use 'ssh <someusername>@<someserver or IP>. I suspect ssh would be very confused without a user nane specified for the server
I would also look at how you copied the public key to the server - I had one user who cut 'n pasted the key, which will cause problems every time. Other than that, it should certainly work. I use keys to log into a number of remote systems, never had a problem with it....
the user name is the same on both boxes. i tired with adding the username but same result
Looking at the man page, I see there is some allowance to store identity information, so maybe that is why you don't need to specify user name. I'll have to check that some more - I didn't know it existed...
Quote:
i copied the key via winSCP and ran "$ cat /id_dsa.pub >> ~/.ssh/authorized_keys" on the win server via ssh
I guess thats ok?
I would have thought so. I do wonder a bit though - looking at your debug output, there are these two lines:
Code:
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug2: key_type_from_name: unknown key type '-----END'
which makes me think the key is not being properly rcognized. If you check the ~/.ssh/authorized_keys, what does the file look like? It should be a single line, no wrapping, and none of the ones I've looked at have '----BEGIN' in them. Usually a single line of characters followed by an '== <usernae>@<machine>
On a couple of machines, I had to produce two authroized_keys files, one named 'authorized_key' and the other 'authroized_keys2'. That may be specific to some version of OpenSSH though, don't know.
I've just commisionsed a new server in my home network. I'll try setting up keys for it and see how it goes. The only other difference I can see is that all my keys have been generated under Linux, not Windows, though I have used Putty to convert some keys for use when I have to be in Windows.
Have created a 'authroized_keys2' but results are the same
The keys have been generated on my Linux server and copied to the Win server that's using Cygwin - is this the same setup you have? - im starting to believe that maybe Cygwin is the problem?
Yes, though I don't use DSA keys (all RSA here). I've not looked at the private key for a long time, so had forgotten the format. I'm still puzzled as to the error generated by the --BEGIN and --END lines, since I assume that error is having to come from SSH running under CentOS. From what you say, CentOS generated the key pair, so I don't understand why it should have difficulty with it. Given that the error comes from the private key, I would be inclined to rule Cygwin out as being the cause of the problem - it should know nothing about the private key.
Quote:
Have created a 'authroized_keys2' but results are the same
The keys have been generated on my Linux server and copied to the Win server that's using Cygwin - is this the same setup you have? - im starting to believe that maybe Cygwin is the problem?
My situation is a bit different. I maitain a number of SME servers for local small businesses. SME is based on CentOS 4.xx, so its a bit out of date. I have things set up so that I can SSH into the servers from remote to do normal admin. Since the logins are over the internet, my public/private key pair are protected by a passphrase and I have the SSH daemon listening on a non-standard port. However, in a couple of instances, I log into a gateway server and need to get to an internal sever. For those instances, I've set up pretty much exactly what you're trying to do - I've copied the public key from the gateway server to ~/.ssh/authorized_keys on the internal server (in these instances, there is no passphrase) and can then SSH from the gateway server to the internal server. The only difference there is that these are all Linux boxen - no Windows involved.
I've not played with Cygwin for a long time (don't run Windows much), but I'll see if I can set it up to use SSH in my local network - I do have an XP box (customer repair) which I can install it on and try it out. Be a few hours - I'm on shift for another 10 hours yet.
Hey Paul, thank you! if there is any extra info i can give please let me know.
fyi - the reason for this is that I have a web server and an OpenVPN connection from it to my home Windows Server. I'm not worried about using a passphrase as the connections only allowed over the VPN.
hmm - OpenVPN, maybe should of said this at the start. But all works fine over that connection including SSH without keys
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.