Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: SSH: Avoiding password prompt with rsa key generation
Special Forums UNIX and Linux Applications SSH: Avoiding password prompt with rsa key generation Post 302220737 by same1290 on Friday 1st of August 2008 12:39:11 PM
Old 08-01-2008
Checked ~/.ssh/id_rsa.pub and .ssh/authorized_keys
Ok I started over: I ssh'ed into the remote machine, bricklayer, and deleted .ssh/authorized_keys. then exited to the local machine, meggi, and deleted id_rsa and id_rsa.pub. Then regenerated the key. Here's the whole sequence from scratch:

$ rm .ssh/authorized_keys
$ exit
logout
Connection to bricklayer.remotehost closed.
>
> rm .ssh/id_rsa*
>
> ls .ssh/
known_hosts
> uname -n
meggi
> ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/homes/12/same/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /homes/12/same/.ssh/id_rsa.
Your public key has been saved in /homes/12/same/.ssh/id_rsa.pub.
The key fingerprint is:
ff:1b:fa:c6:80:33:15:ae:9e:57:39:94:38:20:67:c1 same@meggi
>
> ssh-copy-id -i ~/.ssh/id_rsa.pub test3@bricklayer.remotehost
test3@bricklayer.remotehost's password:
Now try logging into the machine, with "ssh 'test3@bricklayer.remotehost'", and check in:

.ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

> cat .ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2E...WUXfilLCNywEmX0= same@meggi
>
>
> ssh test3@bricklayer.remotehost
test3@bricklayer.remotehost's password:
Last login: Fri Aug 1 12:13:58 2008 from meggi.localhost
$
$ uname -n
bricklayer
$ cat .ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2E...WUXfilLCNywEmX0= same@meggi
$

So the two files ~/.ssh/id_rsa.pub and .ssh/authorized_keys are identical, I diff'ed them. Is that the way it should be? Also does the local machine's ~/.ssh/known_hosts file play a role in this?

Thanks,
Sam
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

SFTP in Shell Script with RSA-KEY or password.

I am trying to SFTP to a couple sites. One has an RSA-KEY that was sent to me. Currently I am running that manually using WinSCP. I would like to set it up as a CRON process on our Linux host (Sun). Can I use the rsa-key they sent me in any directory or does it need to be placed in a specific... (2 Replies)
Discussion started by: alemat
2 Replies

2. Shell Programming and Scripting

automating RSA key pair generation

I want to automate the process of generating RSA keys. I want to remotley login to a linux machine from a windows maching without having to enter a password. For this I need to generate the RSA key pair. but I want to do this procedure on alot of linux machines. For which I was looking to automate... (2 Replies)
Discussion started by: lassimanji
2 Replies

3. AIX

Ssh installation error "RSA key generation failed"

While trying to upgrade ssh from v4.7 to v5.0 on AIX 5.3 TL9, I end up with the following error. Has anyone come across this? Note: openssl has been upgraded to 0.9.8.840 before this upgrade Bala (0 Replies)
Discussion started by: balaji_prk
0 Replies

4. AIX

While trying to do ssh without password, rsa key file is created as empty.

Hi i have aix 5.3 operating system, and i am trying to do ssh without passwd, when i tried to create a rsakey, it produces empty file as an output, how can solve that problem? why it is giving empty output file, i tried with different user, situation same,.i have restarted sshd server. .ssh... (2 Replies)
Discussion started by: nibiru78
2 Replies

5. Linux

SSH user equivalency still prompt for password

Hi All, I've followed the exact same steps of how to setup and enable SSH user equivalent including the right permission, but when I "ssh" it still prompts for password. Could you help to see what I did wrong? I appreciate any helps. :confused: server1.com:/u01/oracle RAC1 > mkdir... (2 Replies)
Discussion started by: Beginer0705
2 Replies

6. UNIX for Dummies Questions & Answers

SSH version of rlogin (ie without password prompt)

I have 3 Solaris 10 UNIX servers, the shadow and passwd file are all identical and are automatically sync every 5 minutes. A majority of the users do not have CLI access but rather use a menu. I currently have menu options that allows them to rlogin to another server and I need to have the... (1 Reply)
Discussion started by: creedonjm
1 Replies

7. Programming

Test SSH but do not return password prompt

Hello forum, I want to have a function to test for passwordless SSH setup. Pretty simple. However, what I'm finding difficult is to NOT return a password prompt to screen IF it's not in place. Here's the function: check_passwordless_ssh_working() #check passed parameter, assuming it is... (4 Replies)
Discussion started by: doonan_79
4 Replies

8. UNIX for Advanced & Expert Users

Need Password-Less ssh with RSA-VPN

We have RSA SecureID softtoken key generator on my Windows machine. It generates new keys every 1 minute. Any HPUX server (be it ServerD or ServerP) requires my ID and the randomly generated RSA SecureID softtoken key from my Windows to login. I login to ServerD. Then I run a script... (0 Replies)
Discussion started by: mohtashims
0 Replies

9. UNIX for Dummies Questions & Answers

[SSH-RSA] Still prompting for password after generating keys

Hello, I'm trying to perform these operations without entering any password, as user "fzd":fzd@machine1> scp /tmp/srcFile1 fzd@machine2:/tmp/$destFile fzd@machine1> scp fzd@machine2:/tmp/$srcFile /tmp/$destFilebut alsofzd@machine1> scp /tmp/srcFile1 machine2:/tmp/$destFile fzd@machine1> scp... (6 Replies)
Discussion started by: fzd
6 Replies

10. Red Hat

Sudo Password Prompt over SSH

I am not sure what I am missing here. I have the following identical entry in /etc/sudoers on multiple Red Hat 6.4 servers. icinga ALL=NOPASSWD:/usr/bin/yum --security --exclude\="kernel*" check-update On one server when I enter the command over SSH as follows it works fine. ssh -t -q... (1 Reply)
Discussion started by: scotbuff
1 Replies

LEARN ABOUT FREEBSD

pam_ssh

PAM_SSH(8)						    BSD System Manager's Manual 						PAM_SSH(8)

NAME

     pam_ssh -- authentication and session management with SSH private keys

SYNOPSIS

     [service-name] module-type control-flag pam_ssh [options]

DESCRIPTION

     The SSH authentication service module for PAM, pam_ssh provides functionality for two PAM categories: authentication and session management.
     In terms of the module-type parameter, they are the ``auth'' and ``session'' features.

   SSH Authentication Module
     The SSH authentication component provides a function to verify the identity of a user (pam_sm_authenticate()), by prompting the user for a
     passphrase and verifying that it can decrypt the target user's SSH key using that passphrase.

     The following options may be passed to the authentication module:

     use_first_pass  If the authentication module is not the first in the stack, and a previous module obtained the user's password, that password
		     is used to authenticate the user.	If this fails, the authentication module returns failure without prompting the user for a
		     password.	This option has no effect if the authentication module is the first in the stack, or if no previous modules
		     obtained the user's password.

     try_first_pass  This option is similar to the use_first_pass option, except that if the previously obtained password fails, the user is
		     prompted for another password.

     nullok	     Normally, keys with no passphrase are ignored for authentication purposes.  If this option is set, keys with no passphrase
		     will be taken into consideration, allowing the user to log in with a blank password.

   SSH Session Management Module
     The SSH session management component provides functions to initiate (pam_sm_open_session()) and terminate (pam_sm_close_session()) sessions.
     The pam_sm_open_session() function starts an SSH agent, passing it any private keys it decrypted during the authentication phase, and sets
     the environment variables the agent specifies.  The pam_sm_close_session() function kills the previously started SSH agent by sending it a
     SIGTERM.

     The following options may be passed to the session management module:

     want_agent  Start an agent even if no keys were decrypted during the authentication phase.

FILES

     $HOME/.ssh/identity  SSH1 RSA key
     $HOME/.ssh/id_rsa	  SSH2 RSA key
     $HOME/.ssh/id_dsa	  SSH2 DSA key
     $HOME/.ssh/id_ecdsa  SSH2 ECDSA key

SEE ALSO

     ssh-agent(1), pam.conf(5), pam(8)

AUTHORS

     The pam_ssh module was originally written by Andrew J. Korty <ajk@iu.edu>.  The current implementation was developed for the FreeBSD Project
     by ThinkSec AS and NAI Labs, the Security Research Division of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
     (``CBOSS''), as part of the DARPA CHATS research program.	This manual page was written by Mark R V Murray <markm@FreeBSD.org>.

BSD
								  October 7, 2011							       BSD
All times are GMT -4. The time now is 12:17 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy