LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   AIX (https://www.linuxquestions.org/questions/aix-43/)
-   -   SFTP between AIX and LINUX server (https://www.linuxquestions.org/questions/aix-43/sftp-between-aix-and-linux-server-4175492117/)

niranjan741 01-22-2014 02:19 AM

SFTP between AIX and LINUX server
 
Hi,
I want to use SFTP command in my script which should not ask for password. Hence i have used "ssh-keygen -t rsa" command on both servers and copied entry from id_rsa.pub to "authorized_keys" file.
location is $HOME/.ssh/
Now whenever i tried to connect from AIX server to Linux, it is asking me for password. But if i tried to connect from Linux to AIX server, i can connect directly without password.
Is there any steps that i am missing on either server? Or is there any alternative method to use SFTP in my script without prompting for password.
Waiting for your reply.

Thanks,

acid_kewpie 01-22-2014 02:54 AM

we don't know if you've missed steps as you've not actually shown us the steps you've taken or any config associated with it. The most common reason for keys not working is, in my experience, incorrect permissions on the files. ~/.ssh should be 700, and ~/.ssh/authorized_keys should be 600.

zhjim 01-22-2014 03:15 AM

You also have to do the steps on both machines.

Either copy the already created private key to the other machine and install the public key on the local machine.
Or create a new key and copy that ones public key over to the other.

niranjan741 01-22-2014 03:32 AM

Hi,
Steps are:
On Aix Machine
Code:

cd $HOME/.ssh
ssh-keygen -t rsa

--- This will generate two files id_rsa and id_rsa.pub on AIX machine

On Linux Machine
Code:

cd $HOME/.ssh
ssh-keygen -t rsa

--- This will generate two files id_rsa and id_rsa.pub on Linux machine

On AIX machine, I have created a new file as "authorized_keys" and copied containts of "id_rsa.pub" from Linux machine and vice versa.
Given permission 755 for "authorized_keys" on both servers.

Then i checked on both servers SFTP command. It works fine for connecting from Linux to Aix but not working from Aix to Linux.

I tried to generate key twice but both time i faced same problem.

acid_kewpie 01-22-2014 03:58 AM

well as above, permissions look wrong, as you've said anyone on the entire machine can steal your keys.

niranjan741 01-22-2014 04:04 AM

I changed the permissions as mentioned by acid_kewpie.
But it does not resolved my problem.

Also i am surprised, why it is working only for one way as i have implemented same steps on both servers.

NevemTeve 01-22-2014 04:17 AM

To help debugging copy+paste the output of this command (on both computer):

Code:

ls -ld ~/.ssh ~/.ssh/authorized_keys

niranjan741 01-22-2014 04:46 AM

On AIX machine:


Code:

drwx------  2 <username> <group>        256 Jan 22 14:01 /home/db2inst1/.ssh
-rw-------  1 <username> <group>        398 Jan 22 13:50 /home/db2inst1/.ssh/authorized_keys


On Linux machine:
Code:

drwx------. 2 <username> <group>        4096 Jan 22 14:38 /home/sybasedev/.ssh
-rw-------  1 <username> <group>          397 Jan 22 14:38 /home/sybasedev/.ssh/authorized_keys


NevemTeve 01-22-2014 04:59 AM

I don't like that "." at the end of "drwx------." Maybe you have ACL or SeLinux or someshit else that wants to 'help' you...
Try this:

Code:

cd ~
mv .ssh .sshold
mkdir .ssh
chmod 0700 .ssh
cp -a .sshold/* .ssh/
ls -ld .ssh .ssh/authorized_keys


niranjan741 01-22-2014 05:21 AM

I changed it accordingly
FYI....
Code:

drwx------ 2 <username> <group> 4096 Jan 22 15:43 .ssh
-rw------- 1 <username> <group> 397 Jan 22 14:38 .ssh/authorized_keys

But still it does'nt work for me.

NevemTeve 01-22-2014 05:29 AM

Better. How about your own home-directory?

Code:

ls -ld ~
Have you checked /etc/ssh/sshd_config in your linux? There should be sg like this:

Code:

RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys

Can you see any error message in file /var/log/auth.log?

niranjan741 01-22-2014 05:56 AM

I checked it. It is commented in the file.

Code:

#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile    .ssh/authorized_keys
#AuthorizedKeysCommand none
#AuthorizedKeysCommandRunAs nobody

Do i need to change it? Also if i changed it, do i need to reboot server?

niranjan741 01-22-2014 06:01 AM

One more thing....
I checked the same file on AIX machine also.
There also these lines are commented. But still i am able to connect from Linux to Aix without password.

FYI...
Code:

#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile    .ssh/authorized_keys


NevemTeve 01-22-2014 06:07 AM

Even if commented out, they mean that this is the default value, so it could be okay.
How about the other parts of my previous message?
(Always read the whole text, please, not only some lines.)

niranjan741 01-22-2014 06:22 AM

Linux machine:
Code:

ls -ld ~
drwxrwxrwx. 37 <username> <group> 4096 Jan 22 15:42 /home/sybasedev

AIX machine:
Code:

$ ls -ld ~
drwxr-xr-x  8 <username> <group> 4096 Jan 21 16:49 /home/db2inst1

Is there any other way so that i can pass password for sftp into script?


All times are GMT -5. The time now is 03:21 AM.