ssh -i does not use my identity file?

SibLiant · 11-05-2009, 06:21 AM

Hi Community,

So I have a remote web server running etch. I had password-less access working until I screwed it up (not sure how yet). I created rsa keys in ~/.ssh . Once those are created, I do an ssh-copy-id back home where i want to dump my /var/www . Now.. it should be as simple as using ssh -i ~/.ssh/identity user@host right? I continually get prompted for a password from my server at home. ok. I do ssh-agent and get:

Code:

SSH_AUTH_SOCK=/tmp/ssh-BjmLPg2413/agent.2413; export SSH_AUTH_SOCK;
SSH_AGENT_PID=2414; export SSH_AGENT_PID;
echo Agent pid 2414;

ok.. start from scratch:

create a new key

Code:

ssh-keygen -t rsa -b 2048 -f ~/.ssh/mykey

ok.. copy the new key to the server:

Code:

ssh-copy-id "-p34045 -i~/.ssh/mykey.pub me@myhost"

/usr/bin/ssh-copy-id: ERROR: No identities found

hu?? do ls -la ~/.ssh

Code:

-rw------- 1 parker parker  775 2009-10-31 06:43 authorized_keys
-rw------- 1 parker parker 1671 2009-11-05 05:06 identity
-rw------- 1 parker parker  396 2009-11-05 05:06 identity.pub
-rw-r--r-- 1 parker parker 3978 2009-11-01 08:49 known_hosts
-rw------- 1 parker parker 1675 2009-11-05 05:08 mykey
-rw------- 1 parker parker  396 2009-11-05 05:08 mykey.pub

Where am i being an id10t?

zhjim · 11-05-2009, 07:15 AM

Quote:

Originally Posted by SibLiant

Where am i being an id10t?

I dunno know but a good guess is in front of the mirror where you see one

Paddon but I can't dispel an invitation.

I don't know what ssh-copy-id does but to check that every thing went well cat ~/.ssh/authorized_keys to see if your key.pub made it over. Check on your /etc/ssh/sshd_config to get the exact name of the file where pub keys need to go.
As far as I can tell the permissions look good on the files.

Bit of summary what's need for public key login
pair of keys, one public one private.
The public one needs to get on the server you want to log in to
put public key into .ssh/authorized_keys (or where ever sshd looks for it)
Make sure sshd allows public key login.

For debug purpose use ssh -v -v and see what it tells you. Even more intresting and most of the time illuminating is the sshd log /var/log/secure normaly. But first setup the log level to debug inside /etc/ssh/sshd_config restart ssh and tail on the logfile. Or just start sshd by hand and let it linger in foreground.

To make extra sure heres I go about public key login

Code:

ssh-keygen -t rsa -b 2048

it'll ask for the place to save the files to (.ssh in general)

Code:

scp .ssh/id_rsa.pub user@host:/home/user/.ssh/authorized_keys

take care not to overwrite any existing authorized_keys file.

Code:

ssh user@host

I normaly ssh into the machine to check on permission and alike...

SibLiant · 11-05-2009, 07:43 PM

Thanks for the detail. I check the authorized keys on the server and it was clearly not going in using ssh-copy-id and I have no clue why. I used

Code:

cat ~/.ssh/identity.pub | ssh myhost -p34045 "cat >> ~/.ssh/authorized_keys"

and the key copied over and everything was good. Thanks for leading to this end.