LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 12-20-2010, 01:27 AM   #1
salimshahzad
Member
 
Registered: Dec 2009
Posts: 200

Rep: Reputation: 15
ssh-keygen issue


hi

i try to made this way practise, but it still ask me password when i connect via ssh or scp, what should be wrong. 1 machine is rhel 5.5 other is centos 5.5
machine 1
machine 2

private key
public key

generate
1) publickey
2) private key
3) transfer key(private key) to private key

# ssh-keygen (press enter)
# cd /root/.ssh
# cp id_rsa.pub authorised_keys
# ls
# scp authorised_key 192.168.1.105:/root/.ssh/
# ssh 192.168.1.105
 
Old 12-20-2010, 02:57 AM   #2
chickenjoy
Member
 
Registered: Apr 2007
Distribution: centos,rhel, solaris
Posts: 211

Rep: Reputation: 30
Quote:
# cp id_rsa.pub authorised_keys
# ls
# scp authorised_key 192.168.1.105:/root/.ssh/
I think you might have miss spelled the word 'authorized'. The correct file name is:
Code:
 ~.ssh/authorized_keys
 
Old 12-20-2010, 04:53 AM   #3
digsecurity
Member
 
Registered: Apr 2010
Posts: 54

Rep: Reputation: 18
Hope this will help http://www.petefreitag.com/item/532.cfm
 
Old 12-20-2010, 05:28 AM   #4
asab
LQ Newbie
 
Registered: Dec 2009
Posts: 6

Rep: Reputation: 0
This one should help http://www.debian-administration.org/articles/152
 
Old 12-20-2010, 05:36 AM   #5
Noway2
Senior Member
 
Registered: Jul 2007
Distribution: Ubuntu 10.10, Slackware 64-current
Posts: 2,124

Rep: Reputation: 779Reputation: 779Reputation: 779Reputation: 779Reputation: 779Reputation: 779Reputation: 779
One other comment here. I notice that you are putting the key into the ROOT profile. I would highly recommend that you do NOT do this as logging into an SSH connection via root is an extremely BAD practice; you are operating by default in a mode where you could damage something and you have authorized the most abused login ID possible. It is also unnecessary as an authorized user can elevate to root when required.

Instead you should put/append the public key to the /home/a-non-root-user/.ssh/authorized_keys and log in via this user.

Furthermore, I would suggest that you edit your sshd_config and disable root login (set PermitRootLogin no)

Last edited by Noway2; 12-20-2010 at 05:38 AM. Reason: added sshd modification recommendation
 
Old 12-20-2010, 07:06 AM   #6
salimshahzad
Member
 
Registered: Dec 2009
Posts: 200

Original Poster
Rep: Reputation: 15
it is just for backup purpose single machien carry backup of all machine at the end of the day

suggest advise me if i have single machine say
192.168.1.1

where 3 machines need to connect it
192.168.1.2
192.168.1.3
192.168.1.4

so how can i achive this, as i try 1 key public copy then another is over written etc
 
Old 12-20-2010, 08:22 AM   #7
chickenjoy
Member
 
Registered: Apr 2007
Distribution: centos,rhel, solaris
Posts: 211

Rep: Reputation: 30
Quote:
so how can i achive this, as i try 1 key public copy then another is over written etc
you append the contents of the pub key of:

Code:
192.168.1.2's id_rsa.pub = 1 line
192.168.1.3's id_rsa.pub = 1 line
192.168.1.4's id_rsa.pub = 1 line

----> to 192.168.1.1's authorized_key file. Thus it will contain a total of 3 lines now.
note: you don't scp authorized_keys anymore; you manually append the now to that file in 192.168.1.1

Last edited by chickenjoy; 12-20-2010 at 08:28 AM.
 
Old 12-20-2010, 01:42 PM   #8
Noway2
Senior Member
 
Registered: Jul 2007
Distribution: Ubuntu 10.10, Slackware 64-current
Posts: 2,124

Rep: Reputation: 779Reputation: 779Reputation: 779Reputation: 779Reputation: 779Reputation: 779Reputation: 779
Quote:
it is just for backup purpose single machien carry backup of all machine at the end of the day
I assume you were replying to my comment about allowing root SSH capability. It really doesn't matter what the purpose of the machine is. It is still a bad idea and if you find that this is what is required to make something work it is an indication that something hasn't been setup properly.

If you wish to further restrict access to being from these three machines only, you could also configure the firewall (IPTables) to allow SSH connections from only these three machines.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
SSH not working after ssh-keygen due to lack of entropy grob115 Linux - Security 8 08-28-2010 12:33 PM
ssh-keygen issue salimshahzad Linux - Newbie 1 03-07-2010 04:44 AM
ssh-keygen and path issue pgte3 Other *NIX 2 01-29-2009 08:03 AM
ssh-agent, ssh-add and ssh-keygen AND CVS raylpc Linux - General 2 11-19-2008 03:50 AM
How to ssh-keygen? Baran Linux - Networking 5 04-26-2005 03:40 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 01:54 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration