LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 03-10-2016, 03:52 PM   #1
tronayne
Senior Member
 
Registered: Oct 2003
Location: Northeastern Michigan, where Carhartt is a Designer Label
Distribution: Slackware 32- & 64-bit Stable
Posts: 3,541

Rep: Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060
SSH: Cannot Connect as Root to Remote System


Before I screw everything up by allowing legacy root connections with keys and no passphrase, I'm a little at a loss about what to do.

For years I have been generating keys with ssh-keygen with no passphrase. I copy the public key to another server, copy the public key from that server to this server and happily connect as root. The recent upgrade of SSH put a stop to that.

So, OK, can I generate keys with ssh-keygen and no passphrase and do what I've been doing with the new version? Is there a particular method for ssh-keygen? Is there a preferred encryption choice?

I'm particularly interested in doing so because I have jobs that update servers from a master server with no passphrase, just the encrypted keys and I don't want to override the newer configuration unless absolutely necessary.

Thanks for any advice.
 
Old 03-10-2016, 06:03 PM   #2
casualfred
Member
 
Registered: Aug 2012
Location: Kentucky, USA
Distribution: Slackware
Posts: 97

Rep: Reputation: 27
tronayne, I do not know why, but I found that I had to create all new keys using ssh-keygen after upgrading SSH. It may have something to do with RSA keys versus DSA keys. I was using DSA keys originally, and I had to run ssh-keygen again to create new RSA keys (which it now generates by default).
 
Old 03-10-2016, 06:49 PM   #3
fogpipe
Member
 
Registered: Mar 2011
Distribution: Slackware 64 -current,
Posts: 550

Rep: Reputation: 194Reputation: 194
Did you check your PermitRootLogin parameter in sshd_config?
 
Old 03-11-2016, 07:29 AM   #4
tronayne
Senior Member
 
Registered: Oct 2003
Location: Northeastern Michigan, where Carhartt is a Designer Label
Distribution: Slackware 32- & 64-bit Stable
Posts: 3,541

Original Poster
Rep: Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060
Quote:
Originally Posted by casualfred View Post
tronayne, I do not know why, but I found that I had to create all new keys using ssh-keygen after upgrading SSH. It may have something to do with RSA keys versus DSA keys. I was using DSA keys originally, and I had to run ssh-keygen again to create new RSA keys (which it now generates by default).
I believe the default was (and is) RSA keys (could be wrong about that but my existing keys are RSA generated by simply ssh-keygen).

My existing key pairs still work for ordinary users, but not for root. I realize that I must edit the PermitRootLogin parameter in sshd_config (thanks for the reminder @fogpipe); I suppose the "real" question is do I have to regenerate all SSH keys to avoid any problems with the change from version 1 to version 2 (if I understand the notes correctly) or just leave it alone for now.

What I do is generate keys for every authorized SSH user on every system, copy the public key to every other system (I just name the public key file to the name of the server) then
Code:
cd .ssh
cat pubkeyfile >> authorized_keys
That lets me connect to the other servers without a password -- I figure the use of encrypted keys in properly configured ~/.ssh directories is good enough, the private keys stay in the ~/.ssh directory where they were generated, only the public keys get copied from server to server. Nobody has root access except root, but root can get to every other root. Works for me.

Maybe I'm just picking nits and should just get on with it and regenerate everything.

Tiz a puzzlement.
 
Old 03-11-2016, 09:23 AM   #5
casualfred
Member
 
Registered: Aug 2012
Location: Kentucky, USA
Distribution: Slackware
Posts: 97

Rep: Reputation: 27
Ah yes you are right, when I created my keys a long time ago, I did choose to make DSA keys explicitly. I'm sure it would have made RSA keys by default.

But, after upgrading my SSH a few months ago from Slackware-current, I could no longer login remotely to other computers using the keys I had been using. After creating new RSA keys and copying those to the other computers, I was able to login again.

This probably doesn't help you, but just thought I would clarify
 
Old 03-11-2016, 02:04 PM   #6
tronayne
Senior Member
 
Registered: Oct 2003
Location: Northeastern Michigan, where Carhartt is a Designer Label
Distribution: Slackware 32- & 64-bit Stable
Posts: 3,541

Original Poster
Rep: Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060
Oh, every little bit helps, can't know too much about this stuff and I appreciate your input.

So, next half hour or so, let's go generate some new keys!
 
Old 03-12-2016, 11:31 AM   #7
tronayne
Senior Member
 
Registered: Oct 2003
Location: Northeastern Michigan, where Carhartt is a Designer Label
Distribution: Slackware 32- & 64-bit Stable
Posts: 3,541

Original Poster
Rep: Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060
Did everything on every box, it all works.

All is well that ends.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
full system backup of a remote server via ssh and without root privileges... masavini Linux - Server 8 01-15-2015 09:22 AM
ssh can not connect remote host crazy6 Linux - Newbie 2 03-04-2011 07:28 PM
ssh unable to connect remote pc satimis Linux - Networking 11 07-29-2009 08:46 PM
Connect to Remote Machine using SSH deepu_linux Linux - Networking 4 09-18-2008 11:12 PM
system said the our root password failure when I use ssh to connect Fedora8 vvcat Linux - Security 1 03-03-2008 12:21 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 02:35 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration