LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices


Reply
  Search this Thread
Old 11-03-2010, 11:03 AM   #1
wifefail
LQ Newbie
 
Registered: Nov 2010
Posts: 4

Rep: Reputation: 0
SSH Key-Gen


Hello,

I am trying to set up a SSH key between servers so no password is required when I have to "scp" files between the two.

This is what I have tried so far but still requires a password:

Code:

Code:
ssh-keygen -t rsa
scp /home/<user>/.ssh/id_rsa <server2.com>:/home/<user>/.ssh/authorized_keys
When I scp after this I wasn't expecting to need a password but it is still prompting. Now I have used this same method before and it has worked great. The only difference this time is server2 is not in the same cage.

I should also say that I have checked the authorized_keys file on the destination server to make sure the rsa key is in there and it is.

Is there something I might be doing wrong or missing?

Thanks
 
Old 11-03-2010, 11:11 AM   #2
module0000
Member
 
Registered: Feb 2010
Location: USA
Distribution: RHEL
Posts: 36

Rep: Reputation: 15
To setup password-less login, do:

1) ssh-keygen
(accept all defaults, do not set a password on the key)

2) ssh-copy-id username@destination.server
(this will prompt you for a password for 'username')

That's it, once ssh-copy-id completes, your key is stored on the remote server. You can scp/ssh to the server in the future without a password, as long as you are doing so as the user that copied the key over.
 
Old 11-03-2010, 12:36 PM   #3
wifefail
LQ Newbie
 
Registered: Nov 2010
Posts: 4

Original Poster
Rep: Reputation: 0
Thank you for the response but I have already done that and am questioning if there would be something preventing this from working. The key is in the authorized_keys file and the user is the same.

I tried turning on debugging for scp and it is trying to pass the key but it looks like it is being rejected almost. But the keys match up on each server.
 
Old 11-03-2010, 12:38 PM   #4
module0000
Member
 
Registered: Feb 2010
Location: USA
Distribution: RHEL
Posts: 36

Rep: Reputation: 15
Check your /etc/ssh/sshd_config file for the following lines:

Code:
PubkeyAuthentication yes
AuthorizedKeysFile     .ssh/authorized_keys
(remember to restart sshd if you edit that file)

If you still have trouble, you can run `sshd` manually on another port with debugging enabled. Then you will see step-by-step the authentication process and hopefully a meaning error message.
 
Old 11-03-2010, 01:00 PM   #5
wifefail
LQ Newbie
 
Registered: Nov 2010
Posts: 4

Original Poster
Rep: Reputation: 0
I checked the file you mentioned and it is set correctly.

The thing that is making this difficult is the source server is not really one that I have luxury of debugging services with. It is a live server and a very vital one at that (phone server). Any other ideas that might lead to a "simple" fix?

Appreciate the help.
 
Old 11-03-2010, 04:17 PM   #6
trey85stang
Senior Member
 
Registered: Sep 2003
Posts: 1,091

Rep: Reputation: 41
Quote:
Originally Posted by wifefail View Post
Thank you for the response but I have already done that and am questioning if there would be something preventing this from working. The key is in the authorized_keys file and the user is the same.

I tried turning on debugging for scp and it is trying to pass the key but it looks like it is being rejected almost. But the keys match up on each server.
If you only did what is listed in your original post, you did not do that.

what you did was copy your local private key, as the authorized_key file on the remote server. That's not going to work.

You need to dump your public key `cat id_rsa.pub` into authorized_keys txt file on the remote server.
 
Old 11-04-2010, 07:33 AM   #7
wifefail
LQ Newbie
 
Registered: Nov 2010
Posts: 4

Original Poster
Rep: Reputation: 0
I should mention I did copy the pub key not the private key like you mentioned.

The only abnormal thing I have found is that I can only reach the the origin server via local IP. When I try to reach it through it's external IP I can not SSH into it would this have an effect on this?
 
Old 11-05-2010, 02:04 PM   #8
trey85stang
Senior Member
 
Registered: Sep 2003
Posts: 1,091

Rep: Reputation: 41
Quote:
Originally Posted by wifefail View Post
I should mention I did copy the pub key not the private key like you mentioned.

The only abnormal thing I have found is that I can only reach the the origin server via local IP. When I try to reach it through it's external IP I can not SSH into it would this have an effect on this?
check your firewalls if you can not ssh in from a remote ip address. Are you getting connection refused? or some other kind of message?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
open-ssh vs. commercial ssh (tru64), public-key auth not possible? cf050 Linux - Networking 8 03-28-2012 11:15 AM
Putty/SSH login failed when using RSA public key: 'Server refused our key' itsecx@gmail.com Linux - Server 10 10-04-2010 01:19 PM
Generating Public and Private Keys using putty key gen ghandizzle8 Linux - Newbie 4 09-16-2010 11:47 PM
gpg --gen-key problems tuhimareikura Red Hat 2 06-29-2008 09:27 AM
ssh / ssh-key -- its always asking for passphrase BaerRS Linux - General 1 01-07-2003 06:21 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 09:29 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration