Login or Register to Ask a Question and Join Our Community


SuSE

SSH issue - can't get password less login to work

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Linux SuSE SSH issue - can't get password less login to work
# 1  
Old 04-04-2013
SSH issue - can't get password less login to work
Hello,
I can't seem to get the password less login to work on one of my SLES 11 servers. My ssh agent lets me login to all my other servers, which are Solaris 10, RHEL 5, and SLES 11 servers. Some servers mount my home directory and others don't.

The server that I'm having an issue with doesn't mount my home directory. I can log in with my password. My agent on a Solaris 10 server is working with the other servers. Usually if the agent is not working it will ask for my passphrase, which leads me to believe it is a configuration issue.

I have copied my pub key over and put in authorized_keys file.

Any ideas?
# 2  
Old 04-04-2013
sshd is very finicky about what permissions your ~/.ssh/ folder and your ~/ folder should have. Make sure your home folder isn't world-readable.
# 3  
Old 04-04-2013
Corona688,
Thanks for replying. I looked at ~/.ssh and it indead had world right set. So I set it to 700. My home directory is 750.

I can still only login to the server with my password.
# 4  
Old 04-04-2013
What does ssh -v -v show on login?
# 5  
Old 04-04-2013
This my output.



Code:
bitlord@Solaris-server
< ssh -v Suse-server
Sun_SSH_1.1.4, SSH protocols 1.5/2.0, OpenSSL 0x0090704f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to Suse-server [xxx.xxx.xxx.62] port 22.
debug1: Connection established.
debug1: identity file /home/bitlord/.ssh/identity type -1
debug1: identity file /home/bitlord/.ssh/id_rsa type 1
debug1: identity file /home/bitlord/.ssh/id_dsa type -1
debug1: Logging to host: Suse-server
debug1: Local user: bitlord Remote user: bitlord
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1
debug1: match: OpenSSH_5.1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-Sun_SSH_1.1.4
debug1: use_engine is 'yes'
debug1: pkcs11 engine initialized, now setting it as default for RSA, DSA, and symmetric ciphers
debug1: pkcs11 engine initialization complete
debug1:  Failed to acquire GSS-API credentials for any mechanisms (No  credentials were supplied, or the credentials were unavailable or  inaccessible
Unknown code 0
)
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: Peer sent proposed langtags, ctos: 
debug1: Peer sent proposed langtags, stoc: 
debug1: We proposed langtags, ctos: en-US
debug1: We proposed langtags, stoc: en-US
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 168/320
debug1: bits set: 1059/2048
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'Suse-server' is known and matches the RSA host key.
debug1: Found key in /home/bitlord/.ssh/known_hosts:125
debug1: bits set: 1021/2048
debug1: ssh_rsa_verify: signature correct
debug1: newkeys: mode 1
debug1: set_newkeys: setting new keys for 'out' mode
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: set_newkeys: setting new keys for 'in' mode
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering agent key: /home/bitlord/.ssh/id_rsa
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Trying private key: /home/bitlord/.ssh/identity
debug1: Trying public key: /home/bitlord/.ssh/id_rsa
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Trying private key: /home/bitlord/.ssh/id_dsa
debug1: Next authentication method: keyboard-interactive
Password: 
debug1: Authentication succeeded (keyboard-interactive)
debug1: channel 0: new [client-session]
debug1: send channel open 0
debug1: Entering interactive session.
debug1: ssh_session2_setup: id 0
debug1: channel request 0: env
debug1: channel request 0: pty-req
debug1: channel request 0: shell
debug1: fd 4 setting TCP_NODELAY
debug1: channel 0: open confirm rwindow 0 rmax 32768
Last login: Thu Apr  4 17:35:14 2013 from Solaris-server

---------- Post updated at 02:24 PM ---------- Previous update was at 02:11 PM ----------

I have compared the above output to the same output from a successful key exchange and the change happens after this point.
Code:
debug1: Offering agent key: /home/bitlord/.ssh/id_rsa

# 6  
Old 04-04-2013
The public key is in ~/.ssh/authorized_keys on the remote box? - just checking; you
should too.

Code:
grep -i (remote node that does not work) authorized_keys

# 7  
Old 04-04-2013
As an aside - you could never have logged in via any keys with your original permissions.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Red Hat

Need to login without password using ssh

I am using redhat 6.4 and i want to login ssh without password kindly guide me (2 Replies)
Discussion started by: kannansoft1985
2 Replies

2. Cybersecurity

Password less SSH login to different server

Hi, It is continuation with my other thread, The issue i found is U1 does not set properly for password less ssh. for setting up password less ssh i followed the following steps 1. ssh-keygen 2. ssh-copy-id -i ~/.ssh/id_rsa.pub hostname 3. /usr/bin/ssh -t -t U1@hostname sample.sh ... (3 Replies)
Discussion started by: sakthi.99it
3 Replies

3. Cybersecurity

Ssh password less login with different ID

Hi, I have setup password less ssh connection between Server A and Server B and I am able to connect with User2. But my requirement is, User 1 run a script in Server A to ssh into Server B as User 2 but it is asking password every time I execute. Server A: Login as User 1 and execute sh... (8 Replies)
Discussion started by: sakthi.99it
8 Replies

4. Cybersecurity

SSH password-less login issue between linux and solaris

Hello Gurus, I am trying to set up bidirectional password-less login between a linux and a Solaris. The way I am doing is very simple, which is creating pub/priv key pairs on each host and add the pub key to each other's authorized_keys file: ssh-keygen -t rsa (I tried dsa, and it didn't work... (4 Replies)
Discussion started by: error_lee
4 Replies

5. Solaris

Problem with ssh login without password

Hello friends, I have the problem with password less login in solaris 10. Issue : In solaris 10 I have 2 different users on is oracle and the other is archmon. when I try to ssh to the other server from oracle it is successful but when I try to ssh from archmon it fails, and it asks for the... (1 Reply)
Discussion started by: Pavankrv
1 Replies

6. Emergency UNIX and Linux Support

SSH password login issue

Hi All, I am facing issue in setting up passwordless login through ssh on two Solaris-10 boxes. user-id ravrwa from server tsapiq04-zrwdq01 should be able to login to server tsbrit03 as cpsuserq, which is not happening. I am not sure where is the problem, while keys are already all set. Here is... (14 Replies)
Discussion started by: solaris_1977
14 Replies

7. Shell Programming and Scripting

rlogin / ssh login with password

Hello, I need to find a way to connect from server1 to 30 other servers using a single line command in order to run various command from the other 30 servers. I am looking for a single line connection command in which i can provide the server name user name and password and connect to the... (2 Replies)
Discussion started by: LiorAmitai
2 Replies

8. Solaris

SSH Password-less login fails on password expiry.

Hi Gurus I have a few Sol 5.9 servers and i have enabled password less authentication between them for my user ID. Often i have found that when my password has expired,the login fails. Resetting my password reenables the keys. Do i need to do something to avoid this scenario or is this... (2 Replies)
Discussion started by: Renjesh
2 Replies

9. UNIX for Dummies Questions & Answers

Can't get SSH to work without password

Need some help on this!! I've been trying to get SSH to work without having to enter a password. I've found numerous articles on this and have tried the instructions, but am still getting prompted for a password. One thing to mention is that I'm using different IDs on the two servers. Here's... (2 Replies)
Discussion started by: bradtri1
2 Replies

10. HP-UX

login ssh without password

There is two server, server A and server B. In server A, I would like to login ssh to server B without typing password. (no need for ssh2) Therefore, I do the followings: Server A: >cd ~ >mkdir .ssh >ssh-keygen -t dsa -f .ssh/id_dsa Then copy the file id_dsa.pub to Server B Server B:... (2 Replies)
Discussion started by: alfredo
2 Replies
Login or Register to Ask a Question