LinuxQuestions.org


stevephd 04-14-2014 01:55 PM

openSSH
 
Hello
I am attempting to remote connect two Linux systems together (one called frame, a RHL and the other steve, a Fedora OS) using ssh.

Here is the procedure I followed:

#1 Generated dsa keys: $ ssh-keygen -t dsa on both computers frame and steve. I placed the id_dsa and id_dsa.public in a .ssh file on the home directory of the respective computers.

NOTE: I generated a "passphrase" for both computers using "keygen"

#2 I copied the public keys (id_dsa.pub) into the respective "authorized_keys" file that I also placed in the .ssh folder.


#3 I attempted to connect from steve to frame using $ "ssh frame@localhost.localdomain" and I got "Permission denied".

The password that I used to connect to frame was the "passphrase" that I used to generate frame's keys.

Could someone tell me what I am doing wrong? This is my FIRST time attempting to do this and I have looked stuff up online and in some books, but have not found anything that I can detect as directly related to my problem.

Any help would be greatly appreciated...


I did notice that I do have a ssh folder at /etc, and am not sure if I should place my keys here instead of at the /home/.ssh?

Thanks

michaelk 04-14-2014 04:51 PM

The basic syntax is ssh username@hostname or ssh username@ip_address. However, if you do not have anything that resolves hostname to IP address then the first method will fail. localhost references the local loopback address (127.0.0.1) and is used for accessing network services on the computer itself.

So trying the command "ssh frame@localhost.localdomain" from steve will fail if you do not have a user named frame on computer steve. In addition, since you didn't have the right public keys on steve the password prompt was for the login password, not the passphrase. I assume you have not disabled password authentication just yet.

/etc/ssh contains the server and default client configuration files.

If the firewall is running on both PCs make sure they allow ssh traffic.
Make sure the file permissions in your username (~/.ssh) are set for 600 and the ssh directory itself is 700.

Does any of this make sense?

jonmcc 04-15-2014 01:45 AM

Steve, you haven't mentioned which user you're connecting from & to. Make sure you specify that, unless it's the same user on each side.

I'd also recommend using RSA keys, rather than DSA (faster). Here's an example of how to set up access from user1@steve -> user2@frame:
user1@steve$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase): <enter password>
Enter same passphrase again: <repeat password>
user1@steve$ chmod 700 ~/.ssh
user1@steve$ chmod 600 ~/.ssh/id_rsa
user1@steve$ cat ~/.ssh/id_rsa.pub
<highlight key & copy to clipboard>


...in another window, logged into frame...
user2@frame$ mkdir ~/.ssh
user2@frame$ chmod 700 ~/.ssh
user2@frame$ vi ~/.ssh/authorized_keys
<in edit mode, paste contents of clipboard (key from steve grabbed above). Write & Quit>
user2@frame$ chmod 700 ~/.ssh
user2@frame$ chmod 600 ~/.ssh/authorized_keys


...back on steve...
user1@steve$ ssh user2@frame
<you may be prompted to confirm the hostkey for frame. Accept>
user2@frame$

...you should get a login prompt on frame.

To access from user2@frame to user1@steve, do the above in reverse. I set permissions above specifically, e.g. if perms are too weak on either side, SSH won't allow the connection.
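
An added example, not part of the thread or any poster's code: a shell function that audits a .ssh directory for the permission problems the replies above warn about, and checks that the connecting user's public key is really listed in authorized_keys. The function names and result labels are assumptions made for illustration; `stat -c` is the GNU form found on Fedora and RHEL.

```shell
#!/bin/sh
# Added example (not from the thread). Audits an account's .ssh directory.
# Usage: audit_ssh_dir DIR [CLIENT_PUBKEY_FILE]
# Prints one line per problem; the return status is the number of problems.

mode_bits() {   # mode_bits FILE MASK -> FILE's octal mode ANDed with MASK
    m=$(stat -c '%a' "$1") || return 1    # GNU stat
    echo $(( 0$m & $2 ))
}

audit_ssh_dir() {
    dir=$1 pub=$2 problems=0
    ak="$dir/authorized_keys"

    # sshd (StrictModes yes) rejects a group/other-writable ~/.ssh or authorized_keys
    for p in "$dir" "$ak"; do
        [ -e "$p" ] || { echo "MISSING $p"; problems=$((problems + 1)); continue; }
        if [ "$(mode_bits "$p" 022)" -ne 0 ]; then
            echo "WRITABLE_BY_OTHERS $p"; problems=$((problems + 1))
        fi
    done

    # the ssh client refuses a private key that group/other can access at all
    for k in "$dir"/id_*; do
        case $k in *.pub) continue ;; esac
        [ -f "$k" ] || continue
        if [ "$(mode_bits "$k" 077)" -ne 0 ]; then
            echo "KEY_TOO_OPEN $k"; problems=$((problems + 1))
        fi
    done

    # the connecting user's public key must be listed on the server side
    if [ -n "$pub" ] && [ -f "$ak" ]; then
        blob=$(awk '{print $2}' "$pub")   # base64 key body, without type or comment
        grep -qF -- "$blob" "$ak" ||
            { echo "KEY_NOT_AUTHORIZED $pub"; problems=$((problems + 1)); }
    fi
    return "$problems"
}
```

Run it on frame as `audit_ssh_dir ~/.ssh /path/to/copy/of/steves/id_rsa.pub`; modes 700 on the directory and 600 on the files pass every check.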

TenTenths 04-15-2014 02:59 AM

I've recently put together a 5 steps version of this: http://centos.tips/ssh_nopw/


All times are GMT -5.