03-25-2008
Two key questions here:
1) Is the remote user account accessible and in sync with the password you're trying to use? We often see these due to passwords having expired, etc. (Authentication's intact but only so long as the account is viable;
2) Are you certain that it's not prompting you for a Passphrase instead of a password? If your public key file was not generated with an empty passphrase session authentication will be forced to prompt you for an input on this..negates your automation somewhat.
Lastly, if your client is using SSH2 (Tectia, for example) and your host server is using SSH (OpenSSH, for example), then you'd need to convert the key formats to fit.
9 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
Hi
when i execute the below command
sftp -b ftpCommand.ksh remoteuser@remoterserver
i am getting the error "-b requires an argument greater than zero"
Please can any one help me. (1 Reply)
Discussion started by: vgs
1 Replies
2. Shell Programming and Scripting
Hi
when i execute the below command
sftp -b ftpCommand.ksh remoteuser@remoterserver
i am getting the error "-b requires an argument greater than zero"
Please can any one help me. (4 Replies)
Discussion started by: vgs
4 Replies
3. Shell Programming and Scripting
Thanks to the help from this forum i've learned a lot of good stuff but I still have questions :).
I need to write a script that checks if ssh to a box requires a password. I need it will be an "if" statement, if ssh requires password, then do a key exchange(with i already have). Just need to... (5 Replies)
Discussion started by: elbombillo
5 Replies
4. Shell Programming and Scripting
Hi team,
I know if we need to transfer the files between between 2 servser, we use SFTP through key setup between 2 server.
currently There are some problems and we are not able to setup keys between servers.
How can i use password with SFTP for temporary solutions, so that the file... (6 Replies)
Discussion started by: Amit.Sagpariya
6 Replies
5. Shell Programming and Scripting
Hi
i have generate public private key pair using command
ssh-keygen -t rsa -b 2048
and then it made the two keys under the directory
~/.ssh ( in server 1)
one is public key and another one is private ..
i copied public one key onto my second server under the directory
... (22 Replies)
Discussion started by: aishsimplesweet
22 Replies
6. Shell Programming and Scripting
Hi Guys,
I need to know how can i achieve SFTP "with" password in a shell script.
I have already done passwordless key generation thing and it is working but at the moment i am interested in passing a password.
And another question I have is say i have a.ksh and b.sh scripts...Can i invoke... (6 Replies)
Discussion started by: Arpit Narula
6 Replies
7. Red Hat
There are two servers :
1. Site
2. Testing
from site server i want to connect testing server with ssh password less authentication.
i generated public and private keys with ssh-keygen -t rsa on site server.
cat id_rsa >> authorized_keys
cat id_rsa.pub >> authorized_keys
i... (15 Replies)
Discussion started by: rehantayyab82
15 Replies
8. Shell Programming and Scripting
Hi All,
I am trying to transfer a file from one server to a remote server using SFTP. Client is not ready for key setup.
I am working on Solaris 10.
Here is the code.
#!/bin/ksh
# sample automatic Sftp script to dump a file
USER="user1"
PASSWORD="pass1"
HOST="host1"
sftp $USER@$HOST... (6 Replies)
Discussion started by: megha2525
6 Replies
9. Shell Programming and Scripting
I have been tasked with scripting a sftp transfer from my clients sftp server to a vendor. I have been given a user name and password. This is an older OEL server, 5.2. I am not able to install any packages on this system. It does not have expect, ssh-pass, or any other ssh password helper... (6 Replies)
Discussion started by: mtrgoose
6 Replies
LEARN ABOUT DEBIAN
pam_ssh
PAM_SSH(8) BSD System Manager's Manual PAM_SSH(8)
NAME
pam_ssh -- authentication and session management with SSH private keys
DESCRIPTION
The SSH authentication service module for PAM, pam_ssh provides functionality for two PAM categories: authentication and session management.
SSH Authentication Module
The SSH authentication component verifies the identity of a user by prompting the user for a passphrase and verifying that it can decrypt at
least one of the user's SSH login keys using that passphrase.
The following options may be passed to the authentication module:
debug syslog(3) debugging information at LOG_DEBUG level.
use_first_pass If the authentication module is not the first in the stack, and a previous module obtained the user's password, then
that password is used to decrypt the user's SSH login keys. If this fails, then the authentication module returns
failure without prompting the user for a passphrase.
try_first_pass Similar to the use_first_pass option, except that if the previously obtained password fails to decrypt any of the SSH
login keys, then the user is prompted for an SSH passphrase.
try_first_pass has no effect if pam_ssh is the first module on the stack, or if no previous modules obtained the
user's password.
allow_blank_passphrase Allow SSH keys with no passphrase.
If neither use_first_pass nor try_first_pass is specified, pam_ssh will unconditionally ask for an SSH passphrase.
In addition to the above authentication procedure, all standard SSH keys (identity, id_rsa, id_dsa) for which the obtained password matches
will be decrypted.
SSH Session Management Module
The SSH session management component initiates sessions by starting an SSH agent, passing it any SSH login keys it decrypted during the
authentication phase, and sets the environment variables accordingly.
The SSH session management component terminates the session by killing the previously started SSH agent by sending it a SIGTERM.
The following options may be passed to the session management module:
debug syslog(3) debugging information at LOG_DEBUG level.
INFORMATION LEAKS
Be careful with the using the try_first_pass option when pam_ssh is the first authentication module because it will then leak information
about existing users without login keys: such users will not be asked for a specific SSH passphrase, whereas non-existing users and existing
users with login keys will be asked for a passphrase.
FILES
$HOME/.ssh/identity
$HOME/.ssh/id_rsa
$HOME/.ssh/id_dsa OpenSSH DSA/RSA keys decrypted by pam_ssh.
$HOME/.ssh/login-keys.d/ Location of (possibly symbolic links to) OpenSSH DSA/RSA keys used for authentication and decrypted by pam_ssh.
/var/log/auth.log Usual log file for syslog(3)
SEE ALSO
ssh-agent(1), syslog(3), pam.conf(5), pam(8).
AUTHORS
Andrew J. Korty <ajk@iu.edu> wrote pam_ssh. Dag-Erling Smorgrav wrote the original OpenPAM support code. Mark R V Murray wrote the original
version of this manual page. Jens Peter Secher introduced the login-key concept.
BSD
November 26, 2001 BSD