|
ssh connection without password
The subject has been outlined in many articles, yet I can not establish a password-less ssh connection. Below I show what I did and then I include ssh debug info, maybe someone would be able to point out something I am not doing right.
My setup: two SCO 5.0.7 boxes on a private lan, user equivalency established, rcmd/rcp working from one to another just fine. The user account, which is the same on both sides, has no password.
on both boxes:
Code:
$ grep -v '^#' /etc/ssh/sshd_config | grep -v '^$'
RSAAuthentication yes
PubkeyAuthentication yes
Subsystem sftp /usr/lib/openssh/sftp-server
On my source box I generated public key
Code:
$ ssh-keygen -t rsa
$ l -g
-rw------- 1 group 887 May 29 11:39 id_rsa
-rw-r--r-- 1 group 229 May 29 11:39 id_rsa.pub
And I copied pub file to the target box
On the target box:
Code:
$ cd; mkdir .ssh; chmod 700 .ssh; l -dg .ssh
drwx------ 2 group 512 May 29 11:33 .ssh
$ cd .ssh
$ cat ../my_pub > authorized_keys; chmod 600 authorized_keys
$ l -g
-rw------- 1 group 229 May 29 11:33 authorized_keys
Now, when I try to connect from my source box:
Code:
$ ssh -v target_server
OpenSSH_3.8p1, SSH protocols 1.5/2.0, OpenSSL 0.9.7d 17 Mar 2004
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to target_server [192.168.1.74] port 22.
debug1: Connection established.
debug1: identity file /u/target_user/.ssh/identity type -1
debug1: identity file /u/target_user/.ssh/id_rsa type 1
debug1: identity file /u/target_user/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_4.3
debug1: match: OpenSSH_4.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.8p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'target_server' is known and matches the RSA host key.
debug1: Found key in /u/target_user/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /u/target_user/.ssh/identity
debug1: Offering public key: /u/target_user/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Trying private key: /u/target_user/.ssh/id_dsa
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: password
target_user@target_server's password:
debug1: Authentications that can continue: publickey,password,keyboard-interactive
Permission denied, please try again.
target_user@target_server's password:
I see message "ssh_rsa_verify: signature correct" in the debug, which looks like a promising sign, but something is not clicking and it does ask for password, which is removed for this user account, so it is no go.
Any pointers would be appreciated.
Last edited by migurus; 05-29-2009 at 05:14 PM..
Reason: forgot to show sshd_config
|
