LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Set up Key pairs but have to enter password, Freenas 8 (https://www.linuxquestions.org/questions/linux-newbie-8/set-up-key-pairs-but-have-to-enter-password-freenas-8-a-4175455288/)

travalon 03-23-2013 02:36 PM
Set up Key pairs but have to enter password, Freenas 8
 
Ok so I've watched episodes 1108 through 1120 on Hak5 umpteen times. I took notes and got the keys generated and where they need to be.
I have pasted the public key in the public key box for my user in freenas 8. it starts with "ssh-rsa " and ends with my user@ my clientmachines name. Is this right?
On the server in .ssh I have the public key in the authorized_keys. It also begins and ends as stated above. again is this right?

On my client machine in .ssh I have my private key the .pub key and Known_hosts. Known_hosts has quite the string of data in one line.
I believe it is a hashed version of User@host.domain then it says= ssh-rsa and the string of data/the key and nothing after that.

When I tried to ssh into the nas I got the fingerprint and checked it as good and it was permantly added to the known_hosts file.

Now when I try to ssh in I am always asked for my password. What did I do Wrong?

Thanks to all who look and even more so to those who help. +1

lleb 03-23-2013 05:13 PM
Code:
###### DIRECTIONS FOR CREATING RSA KEY################

        Directions for creating the rsa key and making the two
 servers talk to each other without password.

        1st change directory into .ssh and check what files are there.

                [rx30@rx30 ~]$ cd .ssh
                [rx30@rx30 .ssh]$ ls -l
                total 4
                -rw-r--r-- 1 rx30 group 2980 Jun 13 12:02 known_hosts

        2nd create the rsa key.

                [rx30@rx30 .ssh]$ ssh-keygen -t rsa -b 4096
                Generating public/private rsa key pair.
                Enter file in which to save the key (/usr/rx30/.ssh/id_rsa):
                Enter passphrase (empty for no passphrase):
                Enter same passphrase again:
                Your identification has been saved in /usr/rx30/.ssh/id_rsa.
                Your public key has been saved in /usr/rx30/.ssh/id_rsa.pub.
                The key fingerprint is:
                cb:b0:40:c6:e9:f4:9e:f5:71:fc:c3:00:c0:f7:c6:75 rx30@rx30.localdomain

        3rd check that there are two new files with the following permissions

                [rx30@rx30 .ssh]$ ls -l
                total 12
                -rw------- 1 rx30 group 3243 Jun 22 15:50 id_rsa
                -rw-r--r-- 1 rx30 group  743 Jun 22 15:50 id_rsa.pub
                -rw-r--r-- 1 rx30 group 2980 Jun 13 12:02 known_hosts
       
        4th change directory back to the users $HOME

                [rx30@rx30 .ssh]$ cd

        5th copy the key to the remote server

                [rx30@rx30 ~]$ ssh-copy-id -i ~/.ssh/id_rsa.pub rx30@XXX.XXX.XXX.XXX
                25
                rx30@XXX.XXX.XXX.XXX's password:
                Now try logging into the machine, with "ssh 'rx30@XXX.XXX.XXX.XXX'", and check in:

                .ssh/authorized_keys

                to make sure we haven't added extra keys that you weren't expecting.

        6th, follow directions on the screen.

                [rx30@rx30 ~]$ ssh rx30@XXX.XXX.XXX.XXX
                Last login: Fri Jun 22 14:12:08 2012 from 10.10.4.77
                [rx30@rx30 ~]$ exit
                logout
                Connection to XXX.XXX.XXX.XXX closed.
replace rx30 with your user_name

travalon 03-24-2013 09:28 AM
lleb,
Thank you so much for your input. You just verified I did everything correctly. However, I am still asked for a password every time I ssh in. My nas Is running on Freenas 8 and I think There is a setting I need in my user account. The forums over there are not as quick to respond as here. I will double check my user settings.

Also I'm going to try to set this up on another machine running xbmcbuntu just to see if there's anything different.

Thanks again. +1

Just set up the key pairs on y htpc and the only thing that was different was when I logged out and back in I had to give the password to unlock the key.
Beautiful lleb. Thank you. For some reason that doesn’t happen on my nas. I'll delete everything and try from scratch.

michaelk 03-24-2013 10:47 AM
Make sure the authorized_keys file has the proper permissions i.e. 600

shivaa 03-24-2013 11:23 AM
Just look at this blog.

Hope it will help.


All times are GMT -5. The time now is 04:02 PM.