LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 07-08-2015, 04:39 AM   #1
Vernicronz
Member
 
Registered: Jul 2014
Distribution: Redhat,Centos,Ubuntu
Posts: 54

Rep: Reputation: Disabled
Unhappy password less ssh doesn't work in centos 6.4 and 6.6


Hi All ,

I have a situation whereby password less ssh is not working in centos 6.4 and centos 6.6. I have verified the below items ;

All dirs owned by userx on server A and B have following perm
1) /home/userx/ to have 700 perm
2) /home/userx/.ssh to have 700 perm
3) /home/userx/.ssh/authorized_keys to have 600 perm

After adding the content of id_rsa.pub (from my mac) to the authorized_keys on server A - i can ssh without password - this works.

But when i use the same id_rsa.pub and added it to authorized_keys on my server B , i can't ssh to server B without password - using ssh -A userx@server

Kindly advice ... thank you!


Below are my real logs
==============
[userx@m26 ~]$ ssh -v -A userx@10.0.1.240
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 10.0.1.240 [10.0.1.240] port 22.
debug1: Connection established.
debug1: identity file /home/userx/.ssh/identity type -1
debug1: identity file /home/userx/.ssh/id_rsa type -1
debug1: identity file /home/userx/.ssh/id_dsa type -1
debug1: loaded 3 keys
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '10.0.1.240' is known and matches the RSA host key.
debug1: Found key in /home/userx/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/userx/.ssh/identity
debug1: Trying private key: /home/userx/.ssh/id_rsa
debug1: Trying private key: /home/userx/.ssh/id_dsa
debug1: Next authentication method: password
userx@10.0.1.240's password:
 
Old 07-08-2015, 06:33 AM   #2
ondoho
LQ Addict
 
Registered: Dec 2013
Posts: 13,390
Blog Entries: 9

Rep: Reputation: 3654Reputation: 3654Reputation: 3654Reputation: 3654Reputation: 3654Reputation: 3654Reputation: 3654Reputation: 3654Reputation: 3654Reputation: 3654Reputation: 3654
- can't you generate a new pair of keys for the connection to server B?
- are you sure the ssh-daemon (sshd) on server B has passwordless authentication enabled?
 
Old 07-08-2015, 07:42 AM   #3
michaelk
Moderator
 
Registered: Aug 2002
Posts: 19,518

Rep: Reputation: 3134Reputation: 3134Reputation: 3134Reputation: 3134Reputation: 3134Reputation: 3134Reputation: 3134Reputation: 3134Reputation: 3134Reputation: 3134Reputation: 3134
Did you generate the keys on the Mac? Is m26 the Mac?

I expected a debug message that offers or read the id_rsa key private key. I assume it exists since it works for server A. Sharing public keys between servers should work.
 
Old 07-08-2015, 10:42 PM   #4
Vernicronz
Member
 
Registered: Jul 2014
Distribution: Redhat,Centos,Ubuntu
Posts: 54

Original Poster
Rep: Reputation: Disabled
HI michaelk,

I have created the rsa keys on my mac , m26 is my server A - a centos 5.8 server while server B is a centos 6.6.

I have tried similar thing within centos 6.4 servers - resulting in the same issue...
 
Old 07-08-2015, 10:57 PM   #5
Vernicronz
Member
 
Registered: Jul 2014
Distribution: Redhat,Centos,Ubuntu
Posts: 54

Original Poster
Rep: Reputation: Disabled
HI ondoho ,

I can't afford to create new rsa keys coz it's working fine with lower version of centos (5.2, 5.8 and 5.9) - only on centos 6.4 and 6.6 it's giving this issue.

below are the setting for my sshd for server B


[root@safedb ~]# cat /etc/ssh/sshd_config | grep -i "RSAAuthentication"
RSAAuthentication yes

[root@safedb ~]# cat /etc/ssh/sshd_config | grep -i "PubkeyAuthentication"
PubkeyAuthentication yes
 
Old 07-08-2015, 11:38 PM   #6
Vernicronz
Member
 
Registered: Jul 2014
Distribution: Redhat,Centos,Ubuntu
Posts: 54

Original Poster
Rep: Reputation: Disabled
Hi All ,

I have resolved this by doing ssh-add from my local mac to server A then ssh -A userx@serverB. this solved the issue...i believe some setting in mac that needs to checked again..thanks all!!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Sign in password doesn't work nonnox15 Linux - General 3 06-18-2015 09:46 PM
[SOLVED] 13.04: Suddenly my password doesn't work Kirsten Ubuntu 2 09-29-2013 03:40 PM
SSH to work without a password between CentOS & Cygwin timmywo Linux - Server 9 08-08-2010 04:26 AM
root password doesn't work for ssh linuxuser00 Linux - Newbie 5 01-31-2007 12:05 PM
root password doesn't work SlowMindThinkin Linux - Newbie 9 04-18-2005 12:19 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 09:22 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration