08-28-2007
Passwordless authentication via SSH
I am trying to implement passwordless authentication via ssh2. I have used the well documented technique of generating a key pair with a blank passphrase on my client machine, and installing the public key on the destination server (AIX 5.3) in the user's .ssh2 directory. I have used this technique successfully in the past on other flavours of Unix.
However when I connect (e.g. using sftp2) it still asks for a password, and I have to supply the user's Unix account password before it lets me in. What have I missed? Is there a setting somewhere else that is overriding those in the sshd2 config file?
10 More Discussions You Might Find Interesting
1. AIX
Hello,
I would like to issue a couple of commands as root on a remote machine without having to enter the root password. I used "ssh-keygen -t rsa" to generate the encryption keys, copied the public key to the remote machine, etc.
I also tried playing around with the sshd_config file and... (3 Replies)
Discussion started by: sphericon
3 Replies
2. HP-UX
Hi,
Can someone help me on ssh-keygen usage...?
I used ssh-keygen after which "id.pub" file was generated in system1's > .ssh directory...
I copied the same into the remote system system2 > .ssh directory as "authorized_keys" file.
Now i tried ssh connection from system 1 to system... (7 Replies)
Discussion started by: EmbedUX
7 Replies
3. Shell Programming and Scripting
Dear All
I need to discuss about the problem which has been discussed so many times here. I need to transfer a file from server A to server B via passwordless SFTP script. By reading the threads on this topic here, I followed the below steps but still it's not working ..
Pls find the steps... (13 Replies)
Discussion started by: uday.shankar
13 Replies
4. Shell Programming and Scripting
I have experience in setting up passwordless authentication by sharing ssh public keys manually.Currently I am in the process to the write a script to perform the same functionality from one source(host) to multiple destinations.
I have one source host (Host A) whose public keys has to be shared... (9 Replies)
Discussion started by: Lancel0t
9 Replies
5. Shell Programming and Scripting
Hi,
I want to login to a remote server and sftp files without password prompting. So, I created private-public key pair as follows:
user1@server1.com .ssh]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user1/.ssh/id_rsa):
Enter... (7 Replies)
Discussion started by: dips_ag
7 Replies
6. Red Hat
Hello,
Need a suggestion to setup private key passwordless authentication. I am not sure this can done or not :wall:
here is the sincerio
I have two servers, sever1 with a user "user1" and servera with usera
here dataflow: usera from servera, will pull/push files to server1 on user1... (2 Replies)
Discussion started by: bobby320
2 Replies
7. Ubuntu
Unable to set ssh passwordless authentication
I am unable to ssh with passwordless authentication from Windows client onto UBuntu server. The ssh version on UBuntu is OpenSSH_5.8p1 Debian-7ubuntu1, OpenSSL 1.0.0e , while SSH on Windows Client is OpenSSH_5.1p1, OpenSSL 0.9.8k. I turned on ssh... (5 Replies)
Discussion started by: tkota
5 Replies
8. UNIX for Dummies Questions & Answers
after copying the public key then also the passwordless authentication is not working
Best regards,
Vishal (2 Replies)
Discussion started by: Vishal_dba
2 Replies
9. Shell Programming and Scripting
Hi,
I am in the process FTPing some of my report files from my production server to another FTP server through batch/Shell Script.
This is working fine with the password less authentication.
Once i place all my report files in the ftp server the end users need to download ... (3 Replies)
Discussion started by: Showdown
3 Replies
10. Shell Programming and Scripting
Hey team
I have to enable password less authentication betweeen A to B server and A to C server and A to D server.
For this I generated a ssh key on server A using ssh-keygen command and copied the key using ssh-copy-id command to B, C and D server. Everything is working fine as of now but... (5 Replies)
Discussion started by: Sandeep_sandy
5 Replies
LEARN ABOUT FREEBSD
ssh-add
SSH-ADD(1) BSD General Commands Manual SSH-ADD(1)
NAME
ssh-add -- adds private key identities to the authentication agent
SYNOPSIS
ssh-add [-cDdkLlXx] [-t life] [file ...]
ssh-add -s pkcs11
ssh-add -e pkcs11
DESCRIPTION
ssh-add adds private key identities to the authentication agent, ssh-agent(1). When run without arguments, it adds the files ~/.ssh/id_rsa,
~/.ssh/id_dsa, ~/.ssh/id_ecdsa, ~/.ssh/id_ed25519 and ~/.ssh/identity. After loading a private key, ssh-add will try to load corresponding
certificate information from the filename obtained by appending -cert.pub to the name of the private key file. Alternative file names can be
given on the command line.
If any file requires a passphrase, ssh-add asks for the passphrase from the user. The passphrase is read from the user's tty. ssh-add
retries the last passphrase if multiple identity files are given.
The authentication agent must be running and the SSH_AUTH_SOCK environment variable must contain the name of its socket for ssh-add to work.
The options are as follows:
-c Indicates that added identities should be subject to confirmation before being used for authentication. Confirmation is performed by
the SSH_ASKPASS program mentioned below. Successful confirmation is signaled by a zero exit status from the SSH_ASKPASS program,
rather than text entered into the requester.
-D Deletes all identities from the agent.
-d Instead of adding identities, removes identities from the agent. If ssh-add has been run without arguments, the keys for the default
identities and their corresponding certificates will be removed. Otherwise, the argument list will be interpreted as a list of paths
to public key files to specify keys and certificates to be removed from the agent. If no public key is found at a given path,
ssh-add will append .pub and retry.
-e pkcs11
Remove keys provided by the PKCS#11 shared library pkcs11.
-k When loading keys into or deleting keys from the agent, process plain private keys only and skip certificates.
-L Lists public key parameters of all identities currently represented by the agent.
-l Lists fingerprints of all identities currently represented by the agent.
-s pkcs11
Add keys provided by the PKCS#11 shared library pkcs11.
-t life
Set a maximum lifetime when adding identities to an agent. The lifetime may be specified in seconds or in a time format specified in
sshd_config(5).
-X Unlock the agent.
-x Lock the agent with a password.
ENVIRONMENT
DISPLAY and SSH_ASKPASS
If ssh-add needs a passphrase, it will read the passphrase from the current terminal if it was run from a terminal. If ssh-add does
not have a terminal associated with it but DISPLAY and SSH_ASKPASS are set, it will execute the program specified by SSH_ASKPASS and
open an X11 window to read the passphrase. This is particularly useful when calling ssh-add from a .xsession or related script.
(Note that on some machines it may be necessary to redirect the input from /dev/null to make this work.)
SSH_AUTH_SOCK
Identifies the path of a UNIX-domain socket used to communicate with the agent.
FILES
~/.ssh/identity
Contains the protocol version 1 RSA authentication identity of the user.
~/.ssh/id_dsa
Contains the protocol version 2 DSA authentication identity of the user.
~/.ssh/id_ecdsa
Contains the protocol version 2 ECDSA authentication identity of the user.
~/.ssh/id_ed25519
Contains the protocol version 2 ED25519 authentication identity of the user.
~/.ssh/id_rsa
Contains the protocol version 2 RSA authentication identity of the user.
Identity files should not be readable by anyone but the user. Note that ssh-add ignores identity files if they are accessible by others.
EXIT STATUS
Exit status is 0 on success, 1 if the specified command fails, and 2 if ssh-add is unable to contact the authentication agent.
SEE ALSO
ssh(1), ssh-agent(1), ssh-keygen(1), sshd(8)
AUTHORS
OpenSSH is a derivative of the original and free ssh 1.2.12 release by Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
Theo de Raadt and Dug Song removed many bugs, re-added newer features and created OpenSSH. Markus Friedl contributed the support for SSH
protocol versions 1.5 and 2.0.
BSD
December 7, 2013 BSD