LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 01-27-2006, 04:19 PM   #31
blackdragonblood
Member
 
Registered: May 2005
Location: Minneapolis, MN
Distribution: Debian
Posts: 217

Original Poster
Rep: Reputation: 30

The following worked:

Quote:
mv id_rsa.pub authorized_keys
Thx 4 the help.
 
Old 01-29-2006, 11:09 PM   #32
fotoguy
Senior Member
 
Registered: Mar 2003
Location: Brisbane Queensland Australia
Distribution: Custom Debian Live ISO's
Posts: 1,290

Rep: Reputation: 62
I've had problems with my mail server the last couple of weeks so I haven't been receiving mail, but I have a little script which I wrote that you might find useful to make and upload the keys to your server.

#!/bin/bash
USER="bill"
ADDRESS="192.168.1.15"
PORT="4000"
NEWKEY="yes"

function keygen {
if [ $NEWKEY == "yes" ]; then
ssh-keygen -t dsa -f ~/.ssh/id_dsa
fi
}

function checkfile {
if [ -f ~/.ssh/authorized_keys2 ]; then
touch ~/.ssh/authorized_keys2
fi
}

# First let create the directory on the remote host them upload the certificate.
function sshupload {
cat ~/.ssh/id_dsa.pub | ssh -p $PORT $USER@$ADDRESS 'sh -c "mkdir ~/.ssh && cat - >>~/.ssh/authorized_keys2 && chmod 600 ~/.ssh/authorized_keys2"'
}

## Our Main Menu
function press_enter {
echo ""
echo -n "Press Enter to continue"
read
clear
}

selection=
until [ "$selection" = "0" ]; do
echo ""
echo "SSH Keygen PROGRAM MENU"
echo "1 - Generate & Upload New Key"
echo "2 - Upload Old Key"
echo ""
echo "0 - exit program"
echo ""
echo -n "Enter selection: "
read selection
echo ""
case $selection in
1 ) checkfile ; keygen ; sshupload ;;
2 ) sshupload ;;
0 ) exit ;;
* ) echo "Please enter 1, 2 or 0"; press_enter
esac
done

exit 0
 
Old 01-29-2006, 11:46 PM   #33
blackdragonblood
Member
 
Registered: May 2005
Location: Minneapolis, MN
Distribution: Debian
Posts: 217

Original Poster
Rep: Reputation: 30
Thanks. I just ordered a book on shell scripts, so I'll be checking back after doing some research. I love Linux.
 
Old 07-23-2008, 07:58 PM   #34
dac_lq_frm
LQ Newbie
 
Registered: Jul 2008
Posts: 1

Rep: Reputation: 0
.ssh dir permissions - obscure error messages

fotoguy - thanks for the convenience script, you have saved me some work.

To reiterate others posts, I've just spent an hour or two doing the "now whats wrong" fandango and I've been doing ssh with PKI for a long time.

using shh -v -v -v targethost died, but with some beut errors, viz

debug3: Not a RSA1 key file /home/fred/.ssh/fred.id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'Proc-Type:'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'DEK-Info:'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace

and so on.

This turned out to be permissions of 600 on /home/fred/.ssh instead of 700

aaagh!

ssh seems to specialise in producing "WTF" debug messages, the obliqueness being directly proportional to the physical distance between the machines.

Permissions summary. This may not be the approved way, but it works.
username is "exampleuser"

ownership of the following files and dirs is "exampleuser"

/home/exampleuser mode 700
/home/exampleuser/.ssh mode 700
/home/exampleuser/.ssh/* mode 600

I hope that helps anyone else who slipped up with the perms
 
Old 07-24-2008, 03:29 AM   #35
fotoguy
Senior Member
 
Registered: Mar 2003
Location: Brisbane Queensland Australia
Distribution: Custom Debian Live ISO's
Posts: 1,290

Rep: Reputation: 62
Quote:
Originally Posted by dac_lq_frm View Post
fotoguy - thanks for the convenience script, you have saved me some work.

To reiterate others posts, I've just spent an hour or two doing the "now whats wrong" fandango and I've been doing ssh with PKI for a long time.

using shh -v -v -v targethost died, but with some beut errors, viz

debug3: Not a RSA1 key file /home/fred/.ssh/fred.id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'Proc-Type:'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'DEK-Info:'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace

and so on.

This turned out to be permissions of 600 on /home/fred/.ssh instead of 700

aaagh!

ssh seems to specialise in producing "WTF" debug messages, the obliqueness being directly proportional to the physical distance between the machines.

Permissions summary. This may not be the approved way, but it works.
username is "exampleuser"

ownership of the following files and dirs is "exampleuser"

/home/exampleuser mode 700
/home/exampleuser/.ssh mode 700
/home/exampleuser/.ssh/* mode 600

I hope that helps anyone else who slipped up with the perms


Glad you found the script useful
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Can't get passwordless ssh working thorney Linux - Networking 3 11-27-2005 10:08 PM
Ssh passwordless : Urgent muneebs123 Linux - Security 23 06-21-2005 08:26 PM
Passwordless SSH problem? LQYY Linux - Software 5 06-09-2005 09:56 PM
Passwordless SSH for Cluster nedian123 Linux - Networking 3 12-07-2004 10:15 PM
Regarding Passwordless SSH nedian123 Linux - Software 1 08-05-2004 05:07 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 05:08 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration