There is two server, server A and server B. In server A, I would like to login ssh to server B without typing password. (no need for ssh2)
Therefore, I do the followings:

Server A:
>cd ~
>mkdir .ssh
>ssh-keygen -t dsa -f .ssh/id_dsa
Then copy the file id_dsa.pub to Server B

Server B:
>cd ~
>mkdir .ssh
>cat id_dsa.pub >> ~/.ssh/authorized_keys
>chmod 640 authorized_keys
>rm id_dsa.pub

However, in server A, every time I login server B with ssh. It still prompts password.
Is there anything else needed to be setup?

By default, ssh will try all available authentications IN ORDER (what the default order is, I'm not sure). To make sure that it doesn't try password, add the following options to your ssh command

-o 'PasswordAuthentication no'

and

-o 'PreferredAuthentications publickey'

Also, some servers and clients can be picky about permissions on the key files. Check your documentation to make sure your permissions are correct.

One other thing... It seems like it would be more secure to keep your private key at the client and put your public key on BOTH servers. Then, using authentication forwarding you can login to server A and then from server A to server B seamlessly. Remember, the strength of publickey authentication relies on being able to keep the private key private. Leaving private keys laying around on servers (especially if it's not password protected) seems like a bad idea.



Regards,

Brian Pence
Celestial Software
AbsoluteTelnet (for ssh and telnet on Windows )

Thank you!!
It is ok now after setting the ssh option.

Besides, how to use authentication forwarding?