Konstantin Svist wrote:
Rahul Tidke wrote:
Hello,
I am configuring Fedora Core 6 and CentOS5.3 for automatic SSH
authentication, ssh version is OpenSSH_4.3p2, OpenSSL 0.9.8b, I have
executed following commands but still both systems prompt me for
passwords instead of using public keys.
ssh-keygen -b 1024 -t dsa (on both hosts with empty pass phrase)
ssh-agent $BASH (on both hosts)
ssh-add /root/.ssh/id_dsa (on both hosts)
created "authorized_keys" file in /root/.ssh directory on both the
hosts and copied (exchanged) id_dsa.pub keys to it.
SSH is open on both the hosts.
Now it should login automatically without prompting for passwords; but
it still prompts for password, what is going wrong here? I have tried
disabling password authentication in /etc/ssh/sshd_config but no help.
I usually set everything up without ssh-agent. All you need is
~/.ssh/config file with
Host host2 192.168.1.2
IdentityFile ~/.ssh/id_dsa.host2
^ of course assuming the other computer's host name is host2 and IP
address 192.168.1.2
Copy the .pub into host2:~/.ssh/authorized_keys
You can also tell both systems to use the same public/private keypair if
you're not too worried about security. Otherwise, you can delete .pub file
At this point, this should work w/o a password:
host1$ ssh host2
For your particular problem, check permissions of ~/.ssh/ directory --
it should be 700. All the files in it need at least 400, you can set it
to that and still be able to use it without any issues. 600 also works,
as should 640. Anything more permissive, though, will sometimes result
in ssh server refusing to use it (any user might've seen/modified it, etc.)
If you have selinux enabled, check /var/log/messages on the ssh server
-- it will spit out a message when you try to connect using the private key.
The command to fix it is something like "restorecon -R ~/.ssh" Don't
trust me, though -- it should be mentioned in /var/log/messages if you
need to run it. I just turn selinux off.
HTH
I have verified permissions for .ssh directory and they are ok; but I am
getting following error in /var/log/messages, it is first attempting to
use key authentication and after that password authentication. I think
it is unable to read the key, I copy/pasted these keys from command
promt, what is wrong here.
Jun 26 12:43:58 matrix sshd[1251]: error: key_read: uudecode
AAAAB3NzaC1kc3MAAACBAKmSjy+E8I/3P2HUNHJ/p844rfCULFnUhOPp4PAKnqxJYc+vB3p6kEfR3WFB28csJuWxdKv9fH
OOSaSerS2rkanXTQ8JUwbwwktYoftXgtznYwNhqwoPvdpcfzD2Xv4fYhjQSRtWkMPE0lFYgjOrsH88AWa69T4aSGn58TkX6PAAAAFQC
BH2DnXuKhyZz4d3iSzxUBY98z8QAAAIAK2QhTbCZuKDRy94ol9CC1+CkzhUA7PB3v/zHugb3RAl\n
failed
Thanks.
Rahul
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines