SSH password less setup asking for password

 
Thread Tools Search this Thread
Operating Systems Linux Red Hat SSH password less setup asking for password
# 1  
Old 03-07-2017
SSH password less setup asking for password

Hello Experts,

when I am trying to connect my target server through sftp after creating ssh password less setup, it is asking for passowrd to connect.

to setup this I followed below process:

-->generated keys by executing the command "ssh-keygen -t rsa"

-->this created my .ssh directory and id_rsa,id_rsa_pub keys

-->after I executed the command "touch authorizedkeys" and gave permissions 600

--> I copied key from my target server into source authorizedkeys file and vice versa.

so now I tried to connect through sftp it is asking for password.


please suggest me, if I am missing anything..

Thanks,
Devi ch
# 2  
Old 03-07-2017
I guess ssh access doesn't work passwordlessly either. Your description of the work flow is not too clear nor detailed; you need to make sure the public key created is appended to the target user's ~/.ssh/authorized_keys file on the target host, and both directory and file have the correct permissions (this is a recommendation, not a requirement).
# 3  
Old 03-07-2017
yes I checked on permissions both directory and files having 755. And public key I appended to authorized_keys too.

source to target it is working, but target to source it is asking for password.
# 4  
Old 03-07-2017
Usually, only one direction is used; on rare occasions only you need the reverse connection.
Did you set up the "target to source" connection the identical way, but source and target mirrored? Please describe the process in full detail - what was done where, what goes where, ...
# 5  
Old 03-08-2017
  • Incorrect permission for .ssh directory and authorized_keys / authorized_keys2 file
  • Corrupt key file, regenerate and copy again.
  • Space,character or line inserted or truncated during appending to existing file. Don’t copy keys manually but do a cat new_keys >> authorized_keys ; For new files copy the file and rename , don’t manually copy paste contents.
  • check the .ssh directory permission
  • try to debug connection
# 6  
Old 03-08-2017
Remember that the permissions have to be locked down at both ends so only the owner at the client end ONLY can read the private key and that the userid on the server (target) ONLY can read/write the public key. SSH and other tools that use these keys will check that they are not vulnerable to someone else editing them. You should also check that the directory permissions for .ssh are read/write/execute for the owner ONLY.

Do not allow any other access to these files. The blanket chmod 777 ....... will make prevent you using them. Try chmod 600 ~/.ssh/* and chmod 700 ~/.ssh on both the client and the server.

If it's not any of the above, when you generated the keys I'm wondering if your provided a passphrase. This would require you to enter the passphrase every time to use the keys, so you can't automate it.

It is best practice to have a passphrase for interactive use of the keys. If you wish, you can have multiple keys defined and use the one without a passphrase for automated processing using the -i flag.



I hope that this helps,
Robin
# 7  
Old 03-08-2017
mode of Directory the key.

Quote:
Originally Posted by rbatte1
Remember that the permissions have to be locked down at both ends so only the owner at the client end ONLY can read the private key and that the userid on the server (target) ONLY can read/write the public key. SSH and other tools that use these keys will check that they are not vulnerable to someone else editing them. You should also check that the directory permissions for .ssh are read/write/execute for the owner ONLY.

Do not allow any other access to these files. The blanket chmod 777 ....... will make prevent you using them. Try chmod 600 ~/.ssh/* and chmod 700 ~/.ssh on both the client and the server.

If it's not any of the above, when you generated the keys I'm wondering if your provided a passphrase. This would require you to enter the passphrase every time to use the keys, so you can't automate it.

It is best practice to have a passphrase for interactive use of the keys. If you wish, you can have multiple keys defined and use the one without a passphrase for automated processing using the -i flag.



I hope that this helps,
Robin

I have run across this time and again and it always takes me a while to remember why. Openssh was specifically written to disallow connection if the permissions of .ssh are too open. see Ubuntu's writeup on this
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Forum Support Area for Unregistered Users & Account Problems

Password sent via reset password email is 'weak' and won't allow me to change my password

I was unable to login and so used the "Forgotten Password' process. I was sent a NEWLY-PROVIDED password and a link through which my password could be changed. The NEWLY-PROVIDED password allowed me to login. Following the provided link I attempted to update my password to one of my own... (1 Reply)
Discussion started by: Rich Marton
1 Replies

2. AIX

Verifying a users password on AIX setup with LPA

Hello, We're running AIX 6 & 7. Previously we were using the old encryption techinique (DES/crypt) I have a GUI application that has a verify button (the verify button is sort of a digital signature) - the user clicks it, enters his or her password and we then make a call to a C module, This... (3 Replies)
Discussion started by: evansch
3 Replies

3. UNIX for Advanced & Expert Users

Setup Samba Server to always ask user and password

How do I setup a Samba server to always ask to user and password, when a windows user, prints your files using a shared printer through a Samba Linux Server (CUPS)? (0 Replies)
Discussion started by: viga
0 Replies

4. Solaris

How can i setup ssh password-less login for particular user?

HI Community. I was trying to create ssh password less authentication for one user called night and it's not working for me. These are the steps I followed:- I have logged into the server and issued ssh-ketgen -t rsabash-3.2$ ssh-keygen -t rsa Generating public/private rsa key pair.... (4 Replies)
Discussion started by: bentech4u
4 Replies

5. Shell Programming and Scripting

How to setup a password less ftp??

hi, i want to setup a password less FTP to a remote server so that i can ftp to a remote server without the password. i have setup a passwordless ssh and i am able to use scp commands to connect to the remote server without asking for the password. but when i try to ftp to the same remote... (6 Replies)
Discussion started by: Little
6 Replies

6. Red Hat

setup sudo for cmd exec w/o password

i need to set up a user to execute a restricted command as another user and to be able to do so without entering a password. I understand the security concerns but let's not go there, unless you are really compelled to do so... The directive to permit is that I believe should work and did add to... (2 Replies)
Discussion started by: twk
2 Replies

7. UNIX for Dummies Questions & Answers

SSH with no password

How to setup SSH to not require a password when establishing an SSH connection from server A to server B for particular user? (4 Replies)
Discussion started by: sam101
4 Replies

8. Red Hat

SSH Prompts for Password After Keys Setup Successfully

I setup the keys between 2 servers, but my user account has no password specified for it (never set one up on the account for security reasons). When I try to SSH to the server, SSH prompts for a password that doesn't exist (so I can never connect successfully). Note: 'passwd -d Rynok' removes... (3 Replies)
Discussion started by: Rynok
3 Replies

9. Solaris

SSH Password-less login fails on password expiry.

Hi Gurus I have a few Sol 5.9 servers and i have enabled password less authentication between them for my user ID. Often i have found that when my password has expired,the login fails. Resetting my password reenables the keys. Do i need to do something to avoid this scenario or is this... (2 Replies)
Discussion started by: Renjesh
2 Replies

10. UNIX for Dummies Questions & Answers

no password ssh

Hello all, I would like to know if anyone had ever set up a network in which they used DHCP and OPENSSH with no password. I can configure my ssh files to allow me to enter any machine without a password as long as I have generated the public and private keysa nd store them in my .ssh/aut... ... (3 Replies)
Discussion started by: larryase
3 Replies
Login or Register to Ask a Question