Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: configuring user as trust
Operating Systems Solaris configuring user as trust Post 302361607 by kumarmani on Tuesday 13th of October 2009 04:18:27 PM
Old 10-13-2009
configuring user as trust
Hi Gurus,

Got another issue.

I am trying to configure a user to run some scripts through trusted user where in while logging to remote system it shouldn't ask for password.

i did following to get it working but its not working

i create a private and public key with the below command

# ssh-keygen -t rsa -f < file location>

later i moved the public key with extension .pub to remote system home direcotry under the .ssh and rename the same as "authorized_keys"

Create the .rhosts file and entered the hostname

created the hosts.equiv file and added the hostname

After that as on when i am trying to run the ssh from that specific user i am getting

Code:
The authenticity of host (10.10.10.101) can't be established 
RSA key fingerprint is <big alpha number key seprated by :>
Are you sure you want to continue connecting ( yes/no)  and if i type yes it ask for password , if i press no it says Host key verification failed

Your help will be highly appreciated.

Thanks !
 

7 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

ssh2-keygen trust issue

I have two systems SysA & SysB having the same userid sharing the home directory via NFS mount. I need to know the steps to setup ssh trust between these two systems given that both share the home dir. I have tried all the steps to generate the keys & then creating identification &... (2 Replies)
Discussion started by: deo_kaustubh
2 Replies

2. HP-UX

Not Trust Host 10.10.10.10

I get a message similar to this, in the syslog file. Actually, I am trying to let the host at 10.10.10.10 access the HP-UX system. How do I get it trusted? Thanks! (2 Replies)
Discussion started by: instant000
2 Replies

3. UNIX for Dummies Questions & Answers

ssh trust issue

Hi, i am setting up ssh trust setup between two servers where SVRA is a solaris box and SVRB is a Red Hat Linux. It is asking for the password all the time. I have copied over the SVRA:/home/nagios/.ssh/id_dsa.pub as authorized_keys on to SVRB:/dat01/home/nagios/.ssh/ -bash-3.00$ ssh -vvv... (4 Replies)
Discussion started by: uxadmin007
4 Replies

4. Linux

SCEP and Trust Anchor

Hi Does anybody knows about the simple certificate enrollment protocol details ? if yes please provide me the details. And what is a trust anchor profile ? Thanks in advance. (0 Replies)
Discussion started by: chaitus.28
0 Replies

5. UNIX for Advanced & Expert Users

Configuring user in c-shell

Hi, We need to configure user in c shell with the following format when he tries to login to the system for SOLARIS 9 OS username@hostname> Let me know the steps for the confiuring the user login as per the requirement.. (2 Replies)
Discussion started by: hydoss1
2 Replies

6. Shell Programming and Scripting

SSH Trust Testing

Hi, I want test the ssh trust between two host. It works fine if the trust is working fine but if the trust is not working fine it gets stuck. #!/bin/sh >/users/test/ssh.txt for i in `cat /users/test/host.txt`; do ssh test@$i uname -a >> /users/test/ssh.txt test=`cat... (0 Replies)
Discussion started by: Abhayman
0 Replies

7. Linux

Configuring wu-ftpd for ftp user login

I am having trouble configuring wu-ftpd on my system to allow a real user to login. I am not sure where to start. I'll try to give as much information as possible. Here is a log of what happened. ftp> open 192.168.4.110 Connected to 192.168.4.110 220 192.168.4.110 FTP server (Version... (0 Replies)
Discussion started by: mnmonu
0 Replies

LEARN ABOUT CENTOS

pam_ssh_agent_auth

pam_ssh_agent_auth(8)							PAM						     pam_ssh_agent_auth(8)

PAM_SSH_AGENT_AUTH
       This module provides authentication via ssh-agent.  If an ssh-agent listening at SSH_AUTH_SOCK can successfully authenticate that it has
       the secret key for a public key in the specified file, authentication is granted, otherwise authentication fails.

SUMMARY

       /etc/pam.d/sudo: auth	sufficient     pam_ssh_agent_auth.so file=/etc/security/authorized_keys
       /etc/sudoers:
	    Defaults	env_keep += "SSH_AUTH_SOCK"

       This configuration would permit anyone who has an SSH_AUTH_SOCK that manages the private key matching a public key in
       /etc/security/authorized_keys to execute sudo without having to enter a password. Note that the ssh-agent listening to SSH_AUTH_SOCK can
       either be local, or forwarded.

       Unlike NOPASSWD, this still requires an authentication, it's just that the authentication is provided by ssh-agent, and not password entry.

ARGUMENTS

       file=<path to authorized_keys>
	   Specify the path to the authorized_keys file(s) you would like to use for authentication. Subject to tilde and % EXPANSIONS (below)

       allow_user_owned_authorized_keys_file
	   A flag which enables authorized_keys files to be owned by the invoking user, instead of root. This flag is enabled automatically
	   whenever the expansions %h or ~ are used.

       debug
	   A flag which enables verbose logging

       sudo_service_name=<service name you compiled sudo to use>
	   (when compiled with --enable-sudo-hack)

	   Specify the service name to use to identify the service "sudo". When the PAM_SERVICE identifier matches this string, and if PAM_RUSER
	   is not set, pam_ssh_agent_auth will attempt to identify the calling user from the environment variable SUDO_USER.

	   This defaults to "sudo".

EXPANSIONS

       ~  -- same as in shells, a user's Home directory
	   Automatically enables allow_user_owned_authorized_keys_file if used in the context of ~/. If used as ~user/, it would expect the file
	   to be owned by 'user', unless you explicitely set allow_user_owned_authorized_keys_file

       %h -- User's Home directory
	   Automatically enables allow_user_owned_authorized_keys_file

       %H -- The short-hostname
       %u -- Username
       %f -- FQDN

EXAMPLES

       in /etc/pam.d/sudo

       "auth sufficient pam_ssh_agent_auth.so file=~/.ssh/authorized_keys"
	   The default .ssh/authorized_keys file in a user's home-directory

       "auth sufficient pam_ssh_agent_auth.so file=%h/.ssh/authorized_keys"
	   Same as above.

       "auth sufficient pam_ssh_agent_auth.so file=~fred/.ssh/authorized_keys"
	   If the home-directory of user 'fred' was /home/fred, this would expand to /home/fred/.ssh/authorized_keys.  In this case, we have not
	   specified allow_user_owned_authorized_keys_file, so this file must be owned by 'fred'.

       "auth sufficient pam_ssh_agent_auth.so file=/secure/%H/%u/authorized_keys allow_user_owned_authorized_keys_file"
	   On a host named foobar.baz.com, and a user named fred, would expand to /secure/foobar/fred/authorized_keys.	In this case, we specified
	   allow_user_owned_authorized_keys_file, so fred would be able to manage that authorized_keys file himself.

       "auth sufficient pam_ssh_agent_auth.so file=/secure/%f/%u/authorized_keys"
	   On a host named foobar.baz.com, and a user named fred, would expand to /secure/foobar.baz.com/fred/authorized_keys.	In this case, we
	   have not specified allow_user_owned_authorized_keys_file, so this file must be owned by root.

v0.8								    2009-08-09						     pam_ssh_agent_auth(8)
All times are GMT -4. The time now is 04:26 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy