Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: how to configure ssh2 for not asking password when logging from remote
Operating Systems AIX how to configure ssh2 for not asking password when logging from remote Post 302252108 by arunrao_oradba on Tuesday 28th of October 2008 08:51:11 PM
Old 10-28-2008
how to configure ssh2 for not asking password when logging from remote
Hi gurus,
I am trying to configure ssh2 for not asking passwords when logging in from a remote machine, but it is failing. I ran the command based on the oracle documentation. down below are the steps, please do let me know how to get this solved.
the steps followed
$ /usr/bin/ssh-keygen2 -t dsa
Generating 2048-bit dsa key pair
16 .oOOo.oOo.oO
Key generated.
2048-bit dsa, uvarshne@sunsm1a, Tue Oct 28 2008 18:02:01 -0500
Passphrase :
Again :
Key is stored with NULL passphrase.
(You can ignore the following warning if you are generating hostkeys.)
This is not recommended.
Don't do this unless you know what you're doing.
If file system protections fail (someone can access the keyfile),
or if the super-user is malicious, your key can be used without
the deciphering effort.
Private key saved to /home/dba/uvarshne/.ssh2/id_dsa_2048_b
Public key saved to /home/dba/uvarshne/.ssh2/id_dsa_2048_b.pub
$ /usr/bin/ssh-keygen2 -t rsa
Generating 2048-bit rsa key pair
4 .oOo.oOo.oOo
Key generated.
2048-bit rsa, uvarshne@sunsm1a, Tue Oct 28 2008 18:10:01 -0500
Passphrase :
Again :
Key is stored with NULL passphrase.
(You can ignore the following warning if you are generating hostkeys.)
This is not recommended.
Don't do this unless you know what you're doing.
If file system protections fail (someone can access the keyfile),
or if the super-user is malicious, your key can be used without
the deciphering effort.
Private key saved to /home/dba/uvarshne/.ssh2/id_rsa_2048_b
Public key saved to /home/dba/uvarshne/.ssh2/id_rsa_2048_b.pub

$ touch ~/.ssh2/authorization

$ ssh2 cat id_rsa_2048_*.pub >> authorization^C
$ stty erase
$ ssh2 ^C
$ uname -a
SunOS sunsm1a 5.8 Generic_117350-39 sun4u sparc SUNW,Sun-Fire-280R
$ ssh2 sunsm1a cat ^C
$ pwd
/home/dba/uvarshne/.ssh2

$ ssh2 sunsm1a /home/dba/uvarshne/.ssh2/id_rsa_2048_*.pub >> authorization
Host key not found from database.
Key fingerprint:
xihel-hobyk-mimiv-tifal-dicyb-vubul-hezek-begap-nafyg-lamym-bexux
You can get a public key's fingerprint by running
% ssh-keygen -F publickey.pub
on the keyfile.
warning: tcgetattr failed in ssh_rl_set_tty_modes_for_fd: fd 1: Inappropriate ioctl for device

^C
Received signal 2. (no core)

$ cat id_rsa_2048_b.pub >authorization
$ cat id_dsa_2048_b.pub >>authorization

$ ssh sunsm1a date
Host key not found from database.
Key fingerprint:
xihel-hobyk-mimiv-tifal-dicyb-vubul-hezek-begap-nafyg-lamym-bexux
You can get a public key's fingerprint by running
% ssh-keygen -F publickey.pub
on the keyfile.
Are you sure you want to continue connecting (yes/no)? yes
Host key saved to /home/dba/uvarshne/.ssh2/hostkeys/key_22_sunsm1a.pub
host key for sunsm1a, accepted by uvarshne Tue Oct 28 2008 18:14:22 -0500

uvarshne's password:


I am not sure where i am going wrong
Can you please help me out on this.

thanks in advance
Arun


Warning: It is not nice to hijack the threads of other people with your problems so you should be polite and open a thread on your own next time, which I did now for you this time. Also a hint to make your thread more readable is to use [ code ] and [ /code ] tags to display your logs/code etc.
Last edited by zaxxon; 10-29-2008 at 05:34 AM.. Reason: Moderation, thread hijack
 

9 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Delay when logging in remote

Hello again! When I log in to my computer (Ultra 5 running Solaris 8) from a pc (FTP or Telnet) I have to wait forever (about 30 seconds) before I can log in. Is this some kind of security thing? Can I turn it of? How? Anders (8 Replies)
Discussion started by: alfabetman
8 Replies

2. Shell Programming and Scripting

logging to remote server

Hi, I want to log-in to a remote server using shell script. The server requires the following while allowing a connection: username password one - letter authorisation. How can i implement this in my script? thanks, abey (6 Replies)
Discussion started by: abey
6 Replies

3. Shell Programming and Scripting

Problem with logging into remote host

Hi All, I am using a script for remotely logging into a rhost using telnet and shutdown a server. The script is as follows. IP = 10.24.12.23; export IP UNAME = username ; export UNAME PWD = password; export PWD CRDIR = /etc/rc.d/init.d ; export CRDIR echo "logging into remote... (4 Replies)
Discussion started by: patil_reddy
4 Replies

4. Cybersecurity

how to configure ssh2 for not asking password when logging from remote

Hi gurus, I am trying to configure ssh2 for not asking passwords when logging in from a remote machine, but it is failing. I ran the command based on the oracle documentation. down below are the steps, please do let me know how to get this solved. the steps followed $ /usr/bin/ssh-keygen2 -t dsa... (2 Replies)
Discussion started by: arunrao_oradba
2 Replies

5. AIX

How to enable password expired messages in ssh2

My SSH version is OpenSSH_5.0p1 and it is not prompting for new password and it is saying that when password expired "Permission denied". Please some one help me regarding this $ ssh devdhq4 "Use is subject to monitoring by First American CREDCO personnel. Any Criminal activity or wrongdoing... (1 Reply)
Discussion started by: choudarysuresh
1 Replies

6. Solaris

how to login with ssh to remote system with out applying the remote root/usr password

how to login with ssh to remote system with out applying the remote root/user password with rlogin we can ujse .rhosts file but with ssh howits possible plz guide (2 Replies)
Discussion started by: tv.praveenkumar
2 Replies

7. SCO

sco remote logging problem

Hello, I am trying to write log from sco box to a remote host. We already have that setting working for linux server using syslog. With this setting(on LINUX) *.* @remote-host for sco I have this *.debug /usr/adm/syslog *.* ... (3 Replies)
Discussion started by: polestar
3 Replies

8. AIX

Remote Script command logging question

I've noticed that when running a script that connects to a number of our servers (to essentially run batch commands) that the commands aren't logged in the user's .sh_history or .bash_history files. Is there a place where this is logged (assuming the script itself isn't doing the logging and I'm... (3 Replies)
Discussion started by: kneemoe
3 Replies

9. Shell Programming and Scripting

How to login with other set of credentials while remote logging?

Below is the code. I need to login into the router if the 1st set of credentials are correct.. if wrong... then it has to check with 2nd set of credentials.. => if the credentials are correct... then it should continue.. => if the credentials are wrong(should not check for 2nd time... then... (0 Replies)
Discussion started by: scriptscript
0 Replies

LEARN ABOUT REDHAT

ssh-keygen

SSH-KEYGEN(1)						    BSD General Commands Manual 					     SSH-KEYGEN(1)

NAME

     ssh-keygen -- authentication key generation, management and conversion

SYNOPSIS

     ssh-keygen [-q] [-b bits] -t type [-N new_passphrase] [-C comment] [-f output_keyfile]
     ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile]
     ssh-keygen -i [-f input_keyfile]
     ssh-keygen -e [-f input_keyfile]
     ssh-keygen -y [-f input_keyfile]
     ssh-keygen -c [-P passphrase] [-C comment] [-f keyfile]
     ssh-keygen -l [-f input_keyfile]
     ssh-keygen -B [-f input_keyfile]
     ssh-keygen -D reader
     ssh-keygen -U reader [-f input_keyfile]

DESCRIPTION

     ssh-keygen generates, manages and converts authentication keys for ssh(1).  ssh-keygen can create RSA keys for use by SSH protocol version 1
     and RSA or DSA keys for use by SSH protocol version 2. The type of key to be generated is specified with the -t option.

     Normally each user wishing to use SSH with RSA or DSA authentication runs this once to create the authentication key in $HOME/.ssh/identity,
     $HOME/.ssh/id_dsa or $HOME/.ssh/id_rsa.  Additionally, the system administrator may use this to generate host keys, as seen in /etc/rc.

     Normally this program generates the key and asks for a file in which to store the private key.  The public key is stored in a file with the
     same name but ``.pub'' appended.  The program also asks for a passphrase.	The passphrase may be empty to indicate no passphrase (host keys
     must have an empty passphrase), or it may be a string of arbitrary length.  A passphrase is similar to a password, except it can be a phrase
     with a series of words, punctuation, numbers, whitespace, or any string of characters you want.  Good passphrases are 10-30 characters long,
     are not simple sentences or otherwise easily guessable (English prose has only 1-2 bits of entropy per character, and provides very bad
     passphrases), and contain a mix of upper and lowercase letters, numbers, and non-alphanumeric characters.	The passphrase can be changed
     later by using the -p option.

     There is no way to recover a lost passphrase.  If the passphrase is lost or forgotten, a new key must be generated and copied to the corre-
     sponding public key to other machines.

     For RSA1 keys, there is also a comment field in the key file that is only for convenience to the user to help identify the key.  The comment
     can tell what the key is for, or whatever is useful.  The comment is initialized to ``user@host'' when the key is created, but can be changed
     using the -c option.

     After a key is generated, instructions below detail where the keys should be placed to be activated.

     The options are as follows:

     -b bits
	     Specifies the number of bits in the key to create.  Minimum is 512 bits.  Generally 1024 bits is considered sufficient, and key sizes
	     above that no longer improve security but make things slower.  The default is 1024 bits.

     -c      Requests changing the comment in the private and public key files.  This operation is only supported for RSA1 keys.  The program will
	     prompt for the file containing the private keys, for the passphrase if the key has one, and for the new comment.

     -e      This option will read a private or public OpenSSH key file and print the key in a 'SECSH Public Key File Format' to stdout.  This
	     option allows exporting keys for use by several commercial SSH implementations.

     -f filename
	     Specifies the filename of the key file.

     -i      This option will read an unencrypted private (or public) key file in SSH2-compatible format and print an OpenSSH compatible private
	     (or public) key to stdout.  ssh-keygen also reads the 'SECSH Public Key File Format'.  This option allows importing keys from several
	     commercial SSH implementations.

     -l      Show fingerprint of specified public key file.  Private RSA1 keys are also supported.  For RSA and DSA keys ssh-keygen tries to find
	     the matching public key file and prints its fingerprint.

     -p      Requests changing the passphrase of a private key file instead of creating a new private key.  The program will prompt for the file
	     containing the private key, for the old passphrase, and twice for the new passphrase.

     -q      Silence ssh-keygen.  Used by /etc/rc when creating a new key.

     -y      This option will read a private OpenSSH format file and print an OpenSSH public key to stdout.

     -t type
	     Specifies the type of the key to create.  The possible values are ``rsa1'' for protocol version 1 and ``rsa'' or ``dsa'' for protocol
	     version 2.

     -B      Show the bubblebabble digest of specified private or public key file.

     -C comment
	     Provides the new comment.

     -D reader
	     Download the RSA public key stored in the smartcard in reader.

     -N new_passphrase
	     Provides the new passphrase.

     -P passphrase
	     Provides the (old) passphrase.

     -U reader
	     Upload an existing RSA private key into the smartcard in reader.

FILES

     $HOME/.ssh/identity
	     Contains the protocol version 1 RSA authentication identity of the user.  This file should not be readable by anyone but the user.
	     It is possible to specify a passphrase when generating the key; that passphrase will be used to encrypt the private part of this file
	     using 3DES.  This file is not automatically accessed by ssh-keygen but it is offered as the default file for the private key.  ssh(1)
	     will read this file when a login attempt is made.

     $HOME/.ssh/identity.pub
	     Contains the protocol version 1 RSA public key for authentication.  The contents of this file should be added to
	     $HOME/.ssh/authorized_keys on all machines where the user wishes to log in using RSA authentication.  There is no need to keep the
	     contents of this file secret.

     $HOME/.ssh/id_dsa
	     Contains the protocol version 2 DSA authentication identity of the user.  This file should not be readable by anyone but the user.
	     It is possible to specify a passphrase when generating the key; that passphrase will be used to encrypt the private part of this file
	     using 3DES.  This file is not automatically accessed by ssh-keygen but it is offered as the default file for the private key.  ssh(1)
	     will read this file when a login attempt is made.

     $HOME/.ssh/id_dsa.pub
	     Contains the protocol version 2 DSA public key for authentication.  The contents of this file should be added to
	     $HOME/.ssh/authorized_keys on all machines where the user wishes to log in using public key authentication.  There is no need to keep
	     the contents of this file secret.

     $HOME/.ssh/id_rsa
	     Contains the protocol version 2 RSA authentication identity of the user.  This file should not be readable by anyone but the user.
	     It is possible to specify a passphrase when generating the key; that passphrase will be used to encrypt the private part of this file
	     using 3DES.  This file is not automatically accessed by ssh-keygen but it is offered as the default file for the private key.  ssh(1)
	     will read this file when a login attempt is made.

     $HOME/.ssh/id_rsa.pub
	     Contains the protocol version 2 RSA public key for authentication.  The contents of this file should be added to
	     $HOME/.ssh/authorized_keys on all machines where the user wishes to log in using public key authentication.  There is no need to keep
	     the contents of this file secret.

AUTHORS

     OpenSSH is a derivative of the original and free ssh 1.2.12 release by Tatu Ylonen.  Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
     Theo de Raadt and Dug Song removed many bugs, re-added newer features and created OpenSSH.  Markus Friedl contributed the support for SSH
     protocol versions 1.5 and 2.0.

SEE ALSO

     ssh(1), ssh-add(1), ssh-agent(1), sshd(8)

     J. Galbraith and R. Thayer, SECSH Public Key File Format, draft-ietf-secsh-publickeyfile-01.txt, March 2001, work in progress material.

BSD
								September 25, 1999							       BSD
All times are GMT -4. The time now is 09:55 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy