SSH prompts password for non identical users
Post 302201250 by ripat on Sunday 1st of June 2008 11:54:33 AM
Old 06-01-2008
Quote:
Originally Posted by vjkatsun
In public key it contains root@host1 - which is fine. Coz, am always logged as root in host1 - so no need to change
On host 2, when you try to log in as user@host1, sshd will look for a public key belonging to user@host1, not root@host1, even if you invoke ssh user@host2 in a root session on host1. Hence the need to edit the public key identification in the host2 authorized_keys. Or to create a new pair of keys for user.

To troubleshoot:
$ tail -f /var/log/auth.log | grep ssh # adapt to the log name or UID specific to your *nix box

and report errors when trying to connect.

Last edited by ripat; 06-01-2008 at 02:51 PM.. Reason: Add: trouble shoot
 

hosts.equiv(4)            Kernel Interfaces Manual            hosts.equiv(4)

NAME
    hosts.equiv - A file containing the names of remote systems and users that can execute commands on the local system

SYNOPSIS
    /etc/hosts.equiv

DESCRIPTION
    The /etc/hosts.equiv file and the .rhosts file in a user's home directory contain the names of remote hosts and users that are equivalent to the local host or user. An equivalent host or user is allowed to access a local nonsuperuser account with the rsh command or rcp command, or to log in to such an account without having to supply a password.

    The /etc/hosts.equiv file specifies equivalence for an entire system, while a user's .rhosts file specifies equivalence between that user and remote users. The local user and the target system exist in the same area as the hosts.equiv file.

    The .rhosts file must be owned by the user in whose home directory the file is located, or by the superuser. It cannot be a symbolic link.

    Each line, or entry, in hosts.equiv or .rhosts may consist of the following:

    o  A blank line.
    o  A comment (begins with a #).
    o  A host name (a string of any printable characters except newline, #, or white space). In addition, an NIS netgroup can be specified in place of the host name.
    o  A host name followed by white space and a user name. In addition, an NIS netgroup can be specified in place of the host name, user name, or both.
    o  A single plus (+) character. This means any host and user.
    o  The keyword NO_PLUS. This keyword disallows the use of the plus character (+) to match any host or user on a system-wide basis. By default, the line containing this keyword is a comment. Remove the comment character to disallow the use of the plus character.

    Entries in the hosts.equiv file are either positive or negative. Positive entries allow access; negative entries deny access. The following entries are positive:

        host name
        user name
        +@netgroup

    In addition, the plus sign (+) can be used in place of the host name or user name. In place of the host name, it means any remote host. In place of the user name, it means any user.

    The following entries are negative:

        -host name
        -user name
        -@netgroup

    To be allowed access or denied access, a user's remote host name and user name must match an entry in hosts.equiv or .rhosts. The hosts.equiv file is searched first; if a match is found, the search ends. Therefore, the order in which the positive and negative entries appear is important. If a match is not found, .rhosts is searched if it exists in the user's home directory.

    A host name or user name can match an entry in hosts.equiv in one of the following ways:

    o  The official host name (not an alias) of the remote host matches a host name in hosts.equiv.
    o  The remote user name matches a user name in hosts.equiv. If a user name parameter is included in the hosts.equiv file, this means that the remote user is a trusted user and is allowed to rlogin to any local user account without being prompted for a password. Otherwise, if the user name parameter is not specified in the hosts.equiv file, the name of the remote user must match that of the local user.
    o  If the remote user name does not match a user name in hosts.equiv, the remote user name matches the local user name.

CAUTIONS
    For security purposes, the files /etc/hosts.equiv and .rhosts should exist and be readable and writable only by the owner, even if they are empty.

EXAMPLES
    The following are sample entries in an /etc/hosts.equiv file:

        # Allows access to users on host1 and host2 that have accounts on this host:
        host1
        host2
        # Allows access to user johnson on host1 to any local user:
        host1 johnson
        # Allows access to all users on systems specified in netgroup chicago
        +@chicago
        # Denies access to users specified in netgroup finance on host5
        host5 -@finance
        # Allows access to all users on all systems except root
        + -root

RELATED INFORMATION
    Commands: rcp(1), rlogin(1), rsh(1)
    Functions: ruserok(3)
    Files: netgroup(4)
    Daemons: rlogind(8), rshd(8)
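An added example (not part of the manual page or of any shipped tool): a small Python audit of hosts.equiv or .rhosts content that follows the line syntax and first-match rule described above. The function name `audit`, the finding texts and the sample file are constructed for illustration; the shadowed-deny check is deliberately limited to a bare `+` line, which matches any host and user.

```python
# Constructed sample input, loosely modelled on the EXAMPLES section.
SAMPLE = """\
# constructed sample
#NO_PLUS
host1
host1 johnson
+@chicago
host5 -@finance
+ -root
+
-host9
"""

def audit(text):
    """Return (no_plus_enabled, findings) for hosts.equiv/.rhosts content.

    findings is a list of (line_number, message) tuples.
    """
    no_plus, bare_plus_line, findings = False, None, []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue                     # blank line or comment
        if line == "NO_PLUS":
            no_plus = True               # keyword is active only when uncommented
            continue
        fields = line.split()
        host = fields[0]
        user = fields[1] if len(fields) > 1 else None
        # The search ends at the first match, so a deny entry placed after
        # a bare "+" can never be reached.
        if host.startswith("-") and bare_plus_line:
            findings.append((n, "deny entry follows bare '+' on line %d; "
                                "first match ends the search" % bare_plus_line))
        if host == "+":
            findings.append((n, "'+' as host: any remote host matches"))
            if user is None and bare_plus_line is None:
                bare_plus_line = n
        if user == "+":
            findings.append((n, "'+' as user: any remote user matches"))
        elif user and not user.startswith("-"):
            findings.append((n, "trusted user %r: may log in to any local "
                                "user account without a password" % user))
    return no_plus, findings

if __name__ == "__main__":
    enabled, results = audit(SAMPLE)
    print("NO_PLUS enabled:", enabled)
    for lineno, message in results:
        print("line %d: %s" % (lineno, message))
```
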