Hi there --

I am trying to set up a two-way key-based ssh connection. The idea here is to have the user on server 1 be able to log into server 2 using public/private key authentication and vice versa.

The user is prompted for a password when he logs in from server 1 to server 2, which is incorrect, but is not prompted for a password when he logs in from server 2 to server 1, which is correct.

The steps that I took so far are as follows:
1. created the rsa and dsa key pairs on server 1 as the user.
2. logged in as root on server 2 and created a user account like that on server 1.
3. copied the user's rsa and dsa public key files to server 2, and renamed the dsa public file to authorized_keys2.
4. verified there was no existing known_hosts file.
5. logged back into server 2 to create the known_hosts file.
6. modified the sshd_config file to have the lines:
Protocol 2
AuthorizedKeysFiles .ssh/authorized_keys2
7. modified the ssh_config file to have the line:
Protocol 2
8. stopped and restarted ssh on server 1 and server 2.

I want to be able to log into server 2 from server 1 without password authentication. I can do that now from server 2 to server 1. What other steps do I need to take to correct this? Thanks.

do you have three lines that look like this in you sshd_config file

RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys # or whatever you want to call the file


and if you want to completely disable password logins (but only do this once you know key based logins are working)

PasswordAuthentication no

I checked the sshd_config file, and yes the settings that you mentioned are in place on both servers. I have not set PasswordAuthentication to no.

is the ~/.ssh folder set to permissions of 600? that's always the bit that catches me out.

That took care of it, along with matching the permissions between the two servers. Thanks for the help.