Ssh authentication using public key not working!
Hello everyone!
I am trying to access a server using ssh public keys without entering a password, but not getting success. Here is situation: Local machine: Hostname: saturn.org.com, usrename: jack Remote machine: Hostname: mars.org.com, username: root What I did: 1. Logged in on saturn.org.com as user jack and generated ssh public keys using "ssh-keygen -t rsa" 2. Left password prompt blank when it asked to enter a password (I just pressed enter key) 3. Appended the encrypted public key generate (i.e. content of ~/.ssh/id_rsa.pub) from saturn.org.com into root user's .ssh/authorized_keys file on mars.org.com 4. As final step, from my local machine i.e. saturn.org.com (logged in a jack) I invoked "ssh root@mars.org.com" command to connect to saturn as root without entering a password. But it's again & again prompts me to enter root's password. So could anybody suggest that where I am making a mistake? |
did you set sshd to accept rsa keys?
Code:
###### DIRECTIONS FOR CREATING RSA KEY################ |
3. Appended the encrypted public key generate (i.e. content of ~/.ssh/id_rsa.pub) from saturn.org.com into root user's .ssh/authorized_keys file on mars.org.com
4.You have to copy root users mars.org.com id_rsa.pub key to known_hosts of local machine saturn.org.com 5.You have to enable following parameter in sshd_config to accept key attentication vi /etc/ssh/sshd_config PubkeyAuthentication yes AuthorizedKeysFile %h/.ssh/authorized_keys 6.Check out the permission of .ssh,keys,authorized-keys file these may also cause for ssh attentication failure. http://www.linuxquestions.org/questi...os-rhel-35029/ |
Quote:
It is likely sshd_config on mars does not have "PermitRootLogin yes" enabled .. you would need that to perform logins directly as root. I advise against this - log in as an individual user's account and become root when necessary with sudo or su. http://www.snailbook.com/faq/ |
@linosaurusroot
I will accept 4 point is inaccurate if the user generate passwordless attentication for normal user .But the user scenerio he has been generating passwordless attentication for his root directory .I dont think what i have posted his wrong if he trying to create passwordless login for his root directory. 4.You have to copy root users mars.org.com id_rsa.pub key to known_hosts of local machine saturn.org.com @linosaurusroot, Can you explain what wrong with 5 point i have posted .I dont think without enabling the PubkeyAuthentication yes passwordless key login never seems to work. 5.You have to enable following parameter in sshd_config to accept key attentication vi /etc/ssh/sshd_config PubkeyAuthentication yes AuthorizedKeysFile %h/.ssh/authorized_keys |
Point 4 confused 32 different kinds of keys - host keys (as in known_hosts) and user keys (as in id_rsa.pub).
Point 5 overlooks that in /etc/ssh/sshd_config PubkeyAuthentication yes AuthorizedKeysFile %h/.ssh/authorized_keys are the defaults and do not need to be uncommented unless you mean to change them. |
Found a solution finally.
Thanks everyone for your responses. Ciao. |
You should detail what the solution was for the benefit of anyone coming across this thread later.
http://xkcd.com/979/ |
Quote:
|
For complete procedure, please follow my blog here.
|
Quote:
I'd like to know, how can i login to remote machine as root being a normal user on local machine ? i.e i'd like to login as root on mars from being a jack on saturn. Will that work if we copy the ssh public key of jack to the /root/.ssh/authorized_keys file on mars? |
@RaviTezu:
You will first need to generate rsa keys for root user on saturn. Code:
root@saturn~# ssh-keygen -t rsa Code:
root@saturn~# cat ~/.ssh/id_rsa.pub | ssh root@mars 'cat >> ~/.ssh/authorized_keys' |
Thanks for the reply.
That will allow the root user from saturn to login as root into mars. What i need is .. being jack on saturn..i want to login as root into mars. Will it work if i add jack ssh public key(Which is generated on mars)to the /root/.ssh/authorizes_keys(Which is residing in root home directory) on mars? ---------- Post added 03-08-13 at 10:31 AM ---------- & It is working!! Thanks shivaa! |
Yes, it should work. You can test it.
|
All times are GMT -5. The time now is 07:57 PM. |