I have an issue with password less authentication via ssh ( v2)
I have two servers Server A and Server B, following are the server details
I have copied the public keys across both the servers and pasted them in authorized_keys file. Following are the things i have checked
a] .ssh -- direcotry permission is set to 700 on both boxes
b] authorized_keys file is 640 in terms of permission
The issue is I m able to connect to Server A from Server B as user xyz ( whose keys have been exchanged for paswordless auth) .When I try the same from Server B to Server A I fail and it prompts me for a password.
I am writing a script that needs to access various servers some of which are not ssh enabled. In order to access the ssh enabled servers I am using the following command to generate the public key :
ssh-keygen -t rsa
Is there a similar command for the other servers as well.
If I try to use... (1 Reply)
I am writing a script that needs to access various servers some of which are not ssh enabled. In order to access the ssh enabled servers I am using the following command to generate the public key :
ssh-keygen -t rsa
Is there a similar command for the other servers as well.
If I try to use... (1 Reply)
Hi all,
I have N number of AIX hosts, where I need to login frequently and do some routine tasks (run some scripts). I need to setup ssh public/private key, so I can auto-login via a master (wrapper) script and run each script in each server.
I am trying to setup/generate ssh keys, but am... (6 Replies)
Hi,
We are currently implementing an Identity Management application which has several Unix systems as its target system. A pre-defined connector will be installed to provide connection between the Identity Management application and the Unix target system. The connection will use Public Key... (1 Reply)
Hi, I've used the following way to set ssh public key authentication and it is working fine on Solaris 10, RedHat Linux and SuSE Linux servers without any problem. But I got error 'Server refused our key' on Solaris 8 system. Solaris 8 uses SSH2 too. Why? Please help. Thanks.
... (1 Reply)
Hi,
please guide me create a public/private key using ssh-keygen, lets say I have been access to server named pngpcdb1with a userid and password ...!!! and also please explain in detail the concept of these keys and ssh as I was planning to use them in ftp related scripts..! Thanks in... (1 Reply)
My password-free ssh connection has worked in the past but has stopped working and I can't get it going again.
The files in .ssh on both source and target are set to 600:
drwx------ 2 ingres 1024 Mar 2 13:57 .
drwxr-xr-x 25 ingres 2048 Mar 29 09:38 ..
-rw------- 1 ingres ... (9 Replies)
I generated a public key that we are using for ssh and sftp but I noticed that I am still being asked for a password when I run my script. is there something I need to put in my script?
Our linux guy said he placed keys on both servers. (2 Replies)
Discussion started by: MJCreations
2 Replies
LEARN ABOUT CENTOS
kas_interactive
KAS_INTERACTIVE(8) AFS Command Reference KAS_INTERACTIVE(8)NAME
kas_interactive - Enters interactive mode
SYNOPSIS
kas interactive
[-admin_username <admin principal to use for authentication>]
[-password_for_admin <admin password>] [-cell <cell name>]
[-servers <explicit list of authentication servers>+]
[-noauth] [-help]
kas i [-a <admin principal to use for authentication>]
[-p <admin password>] [-c <cell name>]
[-s <explicit list of authentication servers>+] [-n] [-h]
DESCRIPTION
The kas interactive command establishes an interactive session for the issuer of the command. By default, the command interpreter
establishes an authenticated connection for the user logged into the local file system with all of the Authentication Servers listed in the
local /etc/openafs/CellServDB file for the cell named in the local /etc/openafs/ThisCell file. To specify an alternate identity, cell name,
or list of Authentication Servers, include the -admin_username, -cell, or -servers arguments respectively. Interactive mode lasts for six
hours unless the maximum ticket lifetime for the issuer or the Authentication Server's Ticket Granting Service is shorter.
There are two other ways to enter interactive mode, in addition to the kas interactive command:
o Type the kas command at the shell prompt without any operation code. If appropriate, include one or more of the -admin_username,
-password_for_admin, -cell, and -servers arguments.
o Type the kas command followed by a user name and cell name, separated by an "@" sign (for example: kas admin@abc.com), to establish a
connection under the specified identity with the Authentication Servers listed in the local /etc/openafs/CellServDB file for the
indicated cell. If appropriate, provide the -servers argument to specify an alternate list of Authentication Server machines that
belong to the indicated cell.
There are several consequences of entering interactive mode:
o The "ka>" prompt replaces the system (shell) prompt. When typing commands at this prompt, provide only the operation code (omit the
command suite name, kas).
o The command interpreter does not prompt for the issuer's password.
The issuer's identity and password, the relevant cell, and the set of Authentication Server machines specified when entering
interactive mode apply to all commands issued during the session. They cannot be changed without leaving the session, except by using
the kas noauthentication command to replace the current authenticated connections with unauthenticated ones. The -admin_username,
-password_for_admin, -cell, and -servers arguments are ignored if provided on a command issued during interactive mode.
To establish an unauthenticated connection to the Authentication Server, include the -noauth flag or provide an incorrect password. Unless
authorization checking is disabled on each Authentication Server machine involved, however, it is not possible to perform any privileged
operations within such a session.
To end the current authenticated connection and establish an unauthenticated one, issue the kas noauthentication command. To leave
interactive mode and return to the regular shell prompt, issue the kas quit command.
OPTIONS -admin_username <admin principal>
Specifies the user identity under which to authenticate with the Authentication Server for execution of the command. For more details,
see kas(8).
-password_for_admin <admin password>
Specifies the password of the command's issuer. If it is omitted (as recommended), the kas command interpreter prompts for it and does
not echo it visibly. For more details, see kas(8).
-cell <cell name>
Names the cell in which to run the command. For more details, see kas(8).
-servers <authentication servers>+
Names each machine running an Authentication Server with which to establish a connection. For more details, see kas(8).
-noauth
Assigns the unprivileged identity "anonymous" to the issuer. For more details, see kas(8).
-help
Prints the online help for this command. All other valid options are ignored.
EXAMPLES
The following example shows a user entering interactive mode as the privileged user "admin".
% kas interactive admin
Password for admin: I<admin_password>
ka>
PRIVILEGE REQUIRED
None
SEE ALSO kas(8), kas_noauthentication(8), kas_quit(8)COPYRIGHT
IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
This documentation is covered by the IBM Public License Version 1.0. It was converted from HTML to POD by software written by Chas
Williams and Russ Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
OpenAFS 2012-03-26 KAS_INTERACTIVE(8)