AIXThis forum is for the discussion of IBM AIX.
eserver and other IBM related questions are also on topic.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
From the Linux box using ssh-copy-id to add the key to the AIX machine; if you cut and pasted the key into authorized_keys via a terminal it may have added an extra line break or other characters. Try running sshd directly with multiple '-d' options, when you connect to it from the linux machine look for any messages referencing public key or the authorized_keys file.
I am not expert at linux side. Can you please explain steps in details.
And one more thing, I used same steps for Linux to AIX which is working fine.
You'll almost certainly have different versions of openssh on the 2 boxes anyway, and from what I understand above there are permissions on your AIX home directory that sshd won't like when using public keys.
ssh-copy-id -i ~/.ssh/yourkey.pub user@aixbox
ssh-copy-id is nice because it can fix permission issues on the .ssh directory & SELinux and eliminates typos or whitespace pasting in the key.
To debug the login from the AIX box's ssh server, do:
stopsrc -s sshd
/usr/sbin/sshd -d -d -d
Now when you login you'll get a few screenfulls of debugging information that might point to where it is having trouble with the key. Note that in debug mode sshd will exit after the first client disconnects and this will obviously prevent new ssh logins until you restart sshd with startsrc. It would probably be safer to run the server in debug mode on a different port (-p option), especially if this is a production box.
The problem is the AIX pub key and the linux authorized_keys, since that is what is asking you for pass.
Try a few other things to see if you can reduce where you are looking. Do you have another linux or unix box? If you have a third box:
1) try copying aix pub key to itself and see if you can ssh localhost without pass (test the aix key pair)
2) try copying linux pub key to itself and see if you can ssh localhost without pass (test authorized_keys on linux)
3) try copying the aix pub key to the third box.
4) try copying pub key from third box to target linux box
HOpefully that should give you some hints
As far as why, I have once in awhile seen stuff happened that boggled my mind. The same thing you are mentioning above happened to me with two linux servers A and B
A -> B no prob
B -> A could not
I repeated the steps over and over and it drove me crazy
Eventually on linux I found that using ssh-copy-id worked.
ls -ld ~
drwxrwxrwx. 37 <username> <group> 4096 Jan 22 15:42 /home/sybasedev
As far as I know, SSH will ignore the authorized_keys file if your home directory is world accessible like this. It certainly does on my machine.
As others have also suggested, I'd recommend that you test this with another user account to confirm that this is the problem. I'd then strongly recommend that you change the permissions. If there are some files that need to be accessed by multiple users, 2 suggestions:
1. Move it to a separate directory, outside of anybody's home directory
2. Put all those users in a common group, and restrict the permissions to the group, rather than giving everyone on the machine full access.