password less ssh doesn't work in centos 6.4 and 6.6
Hi All ,
I have a situation whereby password less ssh is not working in centos 6.4 and centos 6.6. I have verified the below items ; All dirs owned by userx on server A and B have following perm 1) /home/userx/ to have 700 perm 2) /home/userx/.ssh to have 700 perm 3) /home/userx/.ssh/authorized_keys to have 600 perm After adding the content of id_rsa.pub (from my mac) to the authorized_keys on server A - i can ssh without password - this works. But when i use the same id_rsa.pub and added it to authorized_keys on my server B , i can't ssh to server B without password - using ssh -A userx@server Kindly advice ... thank you! Below are my real logs ============== [userx@m26 ~]$ ssh -v -A userx@10.0.1.240 OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to 10.0.1.240 [10.0.1.240] port 22. debug1: Connection established. debug1: identity file /home/userx/.ssh/identity type -1 debug1: identity file /home/userx/.ssh/id_rsa type -1 debug1: identity file /home/userx/.ssh/id_dsa type -1 debug1: loaded 3 keys debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3 debug1: match: OpenSSH_5.3 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_4.3 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host '10.0.1.240' is known and matches the RSA host key. debug1: Found key in /home/userx/.ssh/known_hosts:1 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,password debug1: Next authentication method: publickey debug1: Trying private key: /home/userx/.ssh/identity debug1: Trying private key: /home/userx/.ssh/id_rsa debug1: Trying private key: /home/userx/.ssh/id_dsa debug1: Next authentication method: password userx@10.0.1.240's password: |
- can't you generate a new pair of keys for the connection to server B?
- are you sure the ssh-daemon (sshd) on server B has passwordless authentication enabled? |
Did you generate the keys on the Mac? Is m26 the Mac?
I expected a debug message that offers or read the id_rsa key private key. I assume it exists since it works for server A. Sharing public keys between servers should work. |
HI michaelk,
I have created the rsa keys on my mac , m26 is my server A - a centos 5.8 server while server B is a centos 6.6. I have tried similar thing within centos 6.4 servers - resulting in the same issue... |
HI ondoho ,
I can't afford to create new rsa keys coz it's working fine with lower version of centos (5.2, 5.8 and 5.9) - only on centos 6.4 and 6.6 it's giving this issue. below are the setting for my sshd for server B [root@safedb ~]# cat /etc/ssh/sshd_config | grep -i "RSAAuthentication" RSAAuthentication yes [root@safedb ~]# cat /etc/ssh/sshd_config | grep -i "PubkeyAuthentication" PubkeyAuthentication yes |
Hi All ,
I have resolved this by doing ssh-add from my local mac to server A then ssh -A userx@serverB. this solved the issue...i believe some setting in mac that needs to checked again..thanks all!! |
All times are GMT -5. The time now is 04:28 PM. |