Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
If I have 2 machines that I need to ssh between. I wish to use a key with no passphrase.
I have generated the keys on one machine for the user. I then copied the entire set over to the other machine for the user keeping the strict permissions the same.
I can easily ssh in without being prompted from one node but not the other. The one that does work from is the one where I did NOT generate the keys.
I notice in the keys at the end there is a user@host string. Are private keys married to the machine they are generated on? I am trying to use the same set of keys on both machines is that possible?
Location: Northeastern Michigan, where Carhartt is a Designer Label
Distribution: Slackware 32- & 64-bit Stable
Posts: 3,541
Rep:
When you do the key generation, you get two files, say they're id_dsa, the private key, and id_dsa.pub, the public key (if you generated the default, they'll be id_rsa). You do not copy the id_dsa to the other machine; you only copy the id_dsa.pub file to the other machine's authorized_keys file in the .ssh directory. You do this on both machines, only copying the public key to the other's authorized_keys file.
Try that instead of what you said you did and it should work in both directions for you.
When you do the key generation, you get two files, say they're id_dsa, the private key, and id_dsa.pub, the public key (if you generated the default, they'll be id_rsa). You do not copy the id_dsa to the other machine; you only copy the id_dsa.pub file to the other machine's authorized_keys file in the .ssh directory. You do this on both machines, only copying the public key to the other's authorized_keys file.
Try that instead of what you said you did and it should work in both directions for you.
Hope this helps.
Yes it did help. I was just trying to keep the amount of keys down for some reason. I did not realize that keys were only good for one way connections between hosts.
Just for knowledge sake couldn't you also generate the keys on box1, then copy the private to box2, then ssh back to box1 with the ssh -i .ssh/id_rsa ..... ?
Location: Northeastern Michigan, where Carhartt is a Designer Label
Distribution: Slackware 32- & 64-bit Stable
Posts: 3,541
Rep:
Without going on a document hunt, I seem to recall that ssh-keygen is machine-dependent; it uses values from the installation. Could be wrong about that, but that tickles my memory. So, nope, can't just go copying the same files all over the place and have it work (as you noticed?). And, think about it, wouldn't you want a machine to have its own public and private key pair?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.