trouble with RSA key authentication and ssh
Hello,
I have two Linux machines, SVNServer and ProdServer. I would like to use RSA key authentication so that I can log into either one of them from the other. I have no problem setting up key authentication that goes ProdServer --> SVNServer. However when I follow the same process to setup keys to go from SVNServer to ProdServer I have trouble. A summary of what I did: $ ssh-keygen -t rsa (i accepted all defaults) $ scp .ssh/id_rsa.pub lynchs@ProdServer:./tempkey ** on prodserver $cat tempkey >> .ssh/authorized_keys $ ssh lynchs@ProdServer No luck! It still prompts me for my password! Not sure if it is related but there is a third machine, again I can use key authentication to connect to SVNServer without a problem, but key authenication does not work when connecting to ProdServer. Any suggestions would be appreciated. Thanks. |
check that the owner is correct, and that the permissions are correct.
owner should be the user, permissions should be 600 |
authorized_keys and id_rsa both have permissions set at 600
and the owner is correct also Code:
[lynchs@cvi-dev-trac01 ~]$ ll .ssh |
Also, here is an exerpt from running verbose ssh...
Code:
debug1: Next authentication method: publickey |
Is the server actually setup to allow key based authentication? Also is authorized_keys the right file name on both ends. Some implementations use authorized_keys2 and some use authorized_keys.
|
What OS/version? On RHEL-based distros, for instance, sshd logs helpful troubleshooting info to /var/log/secure.
Is the (server side) user's home directory group or world writable? If so, and if StrictModes is enabled (often is by default), you break pubkey authentication. |
Quote:
|
Ah hah, my .ssh directory permissions were not set to 700 on my ProdServer.
Now they are! and I can log into ProdServer from both machines without a password. Thank you! |
All times are GMT -5. The time now is 11:56 PM. |