LinuxQuestions.org
Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 03-23-2013, 03:36 PM   #1
travalon
Member
 
Registered: Jun 2012
Location: AZ
Distribution: Mint 13, Ubuntu
Posts: 78

Rep: Reputation: Disabled
Set up Key pairs but have to enter password, Freenas 8


Ok so I've watched episodes 1108 through 1120 on Hak5 umpteen times. I took notes and got the keys generated and where they need to be.
I have pasted the public key in the public key box for my user in freenas 8. it starts with "ssh-rsa " and ends with my user@ my clientmachines name. Is this right?
On the server in .ssh I have the public key in the authorized_keys. It also begins and ends as stated above. again is this right?

On my client machine in .ssh I have my private key the .pub key and Known_hosts. Known_hosts has quite the string of data in one line.
I believe it is a hashed version of User@host.domain then it says= ssh-rsa and the string of data/the key and nothing after that.

When I tried to ssh into the nas I got the fingerprint and checked it as good and it was permantly added to the known_hosts file.

Now when I try to ssh in I am always asked for my password. What did I do Wrong?

Thanks to all who look and even more so to those who help. +1
 
Old 03-23-2013, 06:13 PM   #2
lleb
Senior Member
 
Registered: Dec 2005
Location: Florida
Distribution: CentOS/Fedora
Posts: 2,630

Rep: Reputation: 495Reputation: 495Reputation: 495Reputation: 495Reputation: 495
Code:
###### DIRECTIONS FOR CREATING RSA KEY################

	Directions for creating the rsa key and making the two
 servers talk to each other without password.

	1st change directory into .ssh and check what files are there.

 		[rx30@rx30 ~]$ cd .ssh
		[rx30@rx30 .ssh]$ ls -l
		total 4
		-rw-r--r-- 1 rx30 group 2980 Jun 13 12:02 known_hosts

	2nd create the rsa key.

		[rx30@rx30 .ssh]$ ssh-keygen -t rsa -b 4096
		Generating public/private rsa key pair.
		Enter file in which to save the key (/usr/rx30/.ssh/id_rsa):
		Enter passphrase (empty for no passphrase):
		Enter same passphrase again:
		Your identification has been saved in /usr/rx30/.ssh/id_rsa.
		Your public key has been saved in /usr/rx30/.ssh/id_rsa.pub.
		The key fingerprint is:
		cb:b0:40:c6:e9:f4:9e:f5:71:fc:c3:00:c0:f7:c6:75 rx30@rx30.localdomain

	3rd check that there are two new files with the following permissions

		[rx30@rx30 .ssh]$ ls -l
		total 12
		-rw------- 1 rx30 group 3243 Jun 22 15:50 id_rsa
		-rw-r--r-- 1 rx30 group  743 Jun 22 15:50 id_rsa.pub
		-rw-r--r-- 1 rx30 group 2980 Jun 13 12:02 known_hosts
	
	4th change directory back to the users $HOME

		[rx30@rx30 .ssh]$ cd

	5th copy the key to the remote server

		[rx30@rx30 ~]$ ssh-copy-id -i ~/.ssh/id_rsa.pub rx30@XXX.XXX.XXX.XXX
		25
		rx30@XXX.XXX.XXX.XXX's password:
		Now try logging into the machine, with "ssh 'rx30@XXX.XXX.XXX.XXX'", and check in:

		.ssh/authorized_keys

		to make sure we haven't added extra keys that you weren't expecting.

	6th, follow directions on the screen.

		[rx30@rx30 ~]$ ssh rx30@XXX.XXX.XXX.XXX
		Last login: Fri Jun 22 14:12:08 2012 from 10.10.4.77
		[rx30@rx30 ~]$ exit
		logout
		Connection to XXX.XXX.XXX.XXX closed.
replace rx30 with your user_name
 
1 members found this post helpful.
Old 03-24-2013, 10:28 AM   #3
travalon
Member
 
Registered: Jun 2012
Location: AZ
Distribution: Mint 13, Ubuntu
Posts: 78

Original Poster
Rep: Reputation: Disabled
lleb,
Thank you so much for your input. You just verified I did everything correctly. However, I am still asked for a password every time I ssh in. My nas Is running on Freenas 8 and I think There is a setting I need in my user account. The forums over there are not as quick to respond as here. I will double check my user settings.

Also I'm going to try to set this up on another machine running xbmcbuntu just to see if there's anything different.

Thanks again. +1

Just set up the key pairs on y htpc and the only thing that was different was when I logged out and back in I had to give the password to unlock the key.
Beautiful lleb. Thank you. For some reason that doesn’t happen on my nas. I'll delete everything and try from scratch.

Last edited by travalon; 03-24-2013 at 11:17 AM.
 
Old 03-24-2013, 11:47 AM   #4
michaelk
Moderator
 
Registered: Aug 2002
Posts: 16,318

Rep: Reputation: 1905Reputation: 1905Reputation: 1905Reputation: 1905Reputation: 1905Reputation: 1905Reputation: 1905Reputation: 1905Reputation: 1905Reputation: 1905Reputation: 1905
Make sure the authorized_keys file has the proper permissions i.e. 600
 
Old 03-24-2013, 12:23 PM   #5
shivaa
Senior Member
 
Registered: Jul 2012
Location: Grenoble, Fr.
Distribution: Sun Solaris, RHEL, Ubuntu, Debian 6.0
Posts: 1,800
Blog Entries: 4

Rep: Reputation: 286Reputation: 286Reputation: 286
Just look at this blog.

Hope it will help.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] New connection set up OK but where do I enter my ISP login user name and password? micok Fedora - Installation 3 04-06-2011 04:16 PM
DNS TXT with multiple key-value pairs williebens Linux - Server 2 03-04-2011 11:12 AM
Public/Private Key Pairs Kissell Linux - Security 3 01-24-2009 05:36 AM
Big Brother? Key Pairs? cwizardone Slackware 1 02-27-2007 07:02 PM
C++ STL key/value pairs strangely refuse to be eased!! nyk Programming 5 06-18-2004 01:53 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 11:17 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration