04-09-2008
By default, ssh will try all available authentications IN ORDER (what the default order is, I'm not sure). To make sure that it doesn't try password, add the following options to your ssh command
-o 'PasswordAuthentication no'
and
-o 'PreferredAuthentications publickey'
Also, some servers and clients can be picky about permissions on the key files. Check your documentation to make sure your permissions are correct.
One other thing... It seems like it would be more secure to keep your private key at the client and put your public key on BOTH servers. Then, using authentication forwarding you can login to server A and then from server A to server B seamlessly. Remember, the strength of publickey authentication relies on being able to keep the private key private. Leaving private keys laying around on servers (especially if it's not password protected) seems like a bad idea.
Regards,
Brian Pence
Celestial Software
AbsoluteTelnet (for
ssh and
telnet on Windows )
10 More Discussions You Might Find Interesting
1. Solaris
Hi Gurus
I have a few Sol 5.9 servers and i have enabled password less authentication between them for my user ID. Often i have found that when my password has expired,the login fails.
Resetting my password reenables the keys.
Do i need to do something to avoid this scenario or is this... (2 Replies)
Discussion started by: Renjesh
2 Replies
2. Shell Programming and Scripting
ssh/sftp login by passing password , is it possible.Don't want to expect. (1 Reply)
Discussion started by: dinjo_jo
1 Replies
3. Solaris
Hi,
I am using DSEE 6.3 to authenticate and authorize my Solaris 9 and 10 users. Everything works fine except password expiration. I use built-in global password policy for all users. The policy works well. However I could not find the right pam configuration in order to prompt users at ssh... (2 Replies)
Discussion started by: niyazi
2 Replies
4. Shell Programming and Scripting
Hello,
I need to find a way to connect from server1 to 30 other servers using a single line command in order to run various command from the other 30 servers.
I am looking for a single line connection command in which i can provide the server name user name and password and connect to the... (2 Replies)
Discussion started by: LiorAmitai
2 Replies
5. Emergency UNIX and Linux Support
Hi All,
I am facing issue in setting up passwordless login through ssh on two Solaris-10 boxes. user-id ravrwa from server tsapiq04-zrwdq01 should be able to login to server tsbrit03 as cpsuserq, which is not happening. I am not sure where is the problem, while keys are already all set. Here is... (14 Replies)
Discussion started by: solaris_1977
14 Replies
6. Solaris
Hello friends,
I have the problem with password less login in solaris 10.
Issue : In solaris 10 I have 2 different users on is oracle and the other is archmon. when I try to ssh to the other server from oracle it is successful but when I try to ssh from archmon it fails, and it asks for the... (1 Reply)
Discussion started by: Pavankrv
1 Replies
7. Cybersecurity
Hi,
I have setup password less ssh connection between Server A and Server B and I am able to connect with User2.
But my requirement is, User 1 run a script in Server A to ssh into Server B as User 2 but it is asking password every time I execute.
Server A:
Login as User 1 and execute sh... (8 Replies)
Discussion started by: sakthi.99it
8 Replies
8. Cybersecurity
Hi,
It is continuation with my other thread, The issue i found is U1 does not set properly for password less ssh.
for setting up password less ssh i followed the following steps
1. ssh-keygen
2. ssh-copy-id -i ~/.ssh/id_rsa.pub hostname
3. /usr/bin/ssh -t -t U1@hostname sample.sh
... (3 Replies)
Discussion started by: sakthi.99it
3 Replies
9. Solaris
HI Community.
I was trying to create ssh password less authentication for one user called night and it's not working for me.
These are the steps I followed:-
I have logged into the server and issued ssh-ketgen -t rsabash-3.2$ ssh-keygen -t rsa
Generating public/private rsa key pair.... (4 Replies)
Discussion started by: bentech4u
4 Replies
10. Red Hat
I am using redhat 6.4 and i want to login ssh without password kindly guide me (2 Replies)
Discussion started by: kannansoft1985
2 Replies
LEARN ABOUT LINUX
ssh-import-lp-id
ssh-import-id(1) ssh-import ssh-import-id(1)
NAME
ssh-import-id - retrieve one or more public keys from a public keyserver (Launchpad.net by default) and append them to the current user's
authorized_keys file (or some other specified file)
SYNOPSIS
ssh-import-id [options] USER_ID_1 [USER_ID_2] ... [USER_ID_n]
OPTIONS
-h | --help usage
-o | --output F write output to file 'F' (default ~/.ssh/authorized_keys, use "-" for standard out)
DESCRIPTION
This utility will securely contact a public keyserver (https://launchpad.net by default) and retrieve one or more user's public keys, and
append these to the current user's ~/.ssh/authorized_keys file.
The system administrator can change the source URL used by ssh-import-id(1) by editing the configuration file, /etc/ssh/ssh_import_id,
which is sourced to obtain the value of URL. By default, URL="https://launchpad.net/~%s/+sshkeys". Note that this url really MUST be a
secure, https url with a valid, signed certificate or else your system will be vulnerable to man-in-the-middle attacks! The "%s" will be
populated by ssh-import-id(1) with the value(s) of USER_ID_1 [USER_ID_2] ... [USER_ID_n].
SEE ALSO
ssh(1)
FILES
/etc/ssh/ssh_import_id
AUTHOR
This manpage and the utility was written by Dustin Kirkland <kirkland@canonical.com> for Ubuntu systems (but may be used by others). Per-
mission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 3 published
by the Free Software Foundation.
On Debian systems, the complete text of the GNU General Public License can be found in /usr/share/common-licenses/GPL.
ssh-import 23 Feb 2010 ssh-import-id(1)