01-10-2012
openssh 5.3 needs password vs. 4.3 using private keys
Hello,
I just installed a bran new Centos 6.2 including openssh 5.3.
On older servers I installed older Linux including openssh 4.3,
I am using keygen with private/public keys to log root on all servers (in a LAN) without typing password each time.
To do this, of course, I have my local private key (privkey) and public key in each server (/root/.ssh/authorized_keys), I get in with command :
# ssh -i privkey root@server
Each server has this specific lines in /etc/ssh/sshd_config :
PermitRootLogin yes
and specific chmod on :
# ls -la /root/.ssh
drwx------. 2 root root 4096 Jan 9 14:53 .
dr-xr-x---. 4 root root 4096 Jan 10 11:55 ..
-rw-r--r--. 1 root root 1204 Jan 9 14:53 authorized_keys
This is working for ages on all other servers (without typing password), but not on my new centos 6.2 with openssh 5.3.
ssh is now requesting the password except if I launch the sshd daemon by hand :
# /usr/sbin/sshd
It sounds like a bug or did I missed a new feature in 5.3 ?
Thanks in advance for your valuable help.
Regards.
9 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
Firstly, i apologise if i have posted in a wrong section of the forum. Please let me know which is the correct section my post should go to.
I have to SCP a file from one server(server A) to another (server B). I read around that a secure way is to use public and private keys.
Assuming my... (2 Replies)
Discussion started by: new2ss
2 Replies
2. UNIX for Dummies Questions & Answers
Hello,
I have an issue with an outside party trying to deliver a file to our server via SFTP.
I have setup the .ssh directory under the home directory for the user account that is being used and setup the authorized_keys file with correct permissons etc for .ssh directory and file.
We... (2 Replies)
Discussion started by: richo king
2 Replies
3. HP-UX
HI,
I'm trying to create SSH public/private keys using following command.
hp023:/users/vikram> ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/users/vikram/.ssh/id_rsa): rsa
Enter passphrase (empty for no passphrase):
Enter same passphrase... (9 Replies)
Discussion started by: vickramshetty
9 Replies
4. AIX
Hello together,
I have a Problem with openssh on AIX 5.3.
We have a big amount of AIX-hosts that run with openssh but one donīt!
Every time we try to connect via ssh to the host, we get a password prompt.
The myth ist, that there is no Error or somthing else.
Here the output of ssh -vvvv to... (14 Replies)
Discussion started by: heifei
14 Replies
5. Solaris
Where in the world are the ssh private keys stored on the home server? I know the public keys are renamed to authorized_keys under the /export/home//.ssh directory on the remote server. (1 Reply)
Discussion started by: jastanle84
1 Replies
6. UNIX for Advanced & Expert Users
Hello,
I need to extract blocs (private keys) from a file so that each bloc gets extracted to a separate file (*.priv), on the fly
I started to fiddle with awk, without much luck so far....
A block always has this pattern:
----- BEGIN CERTIFICATE -----
variable number of lines (never... (7 Replies)
Discussion started by: pat38000
7 Replies
7. Shell Programming and Scripting
Hi all,
I needed a shell script for file transfering using public/private keys for authentication.
Could you please help me out on this?
A procedure to write a shell script is enough.
Thanks in advance.
Regards.
Vidya N (8 Replies)
Discussion started by: Vidya N
8 Replies
8. Shell Programming and Scripting
Hi All,
I have a query....say on server A, I have generated the Private and Public keys and shared the public key with server B.
Now i can surelyconnect(without password) from server A to server B.....
but can i similarly connect from server B to server A as well
Regards (1 Reply)
Discussion started by: Arpit Narula
1 Replies
9. Shell Programming and Scripting
hi guys , i have few files i have to do sftp, the public and private key work like a magic , no problem at all
the syntax is as below
sftp -0 identityfile=~/ure/blsl/loc2/.ssh/id_rsa_ssh1 ssh1@remote >log_dir/file.timestamp<<end
lcd folder
cd folder
put *
quit
end
================
my... (3 Replies)
Discussion started by: rockymayavia
3 Replies
LEARN ABOUT FREEBSD
ssh-keysign
SSH-KEYSIGN(8) BSD System Manager's Manual SSH-KEYSIGN(8)
NAME
ssh-keysign -- ssh helper program for host-based authentication
SYNOPSIS
ssh-keysign
DESCRIPTION
ssh-keysign is used by ssh(1) to access the local host keys and generate the digital signature required during host-based authentication with
SSH protocol version 2.
ssh-keysign is disabled by default and can only be enabled in the global client configuration file /etc/ssh/ssh_config by setting
EnableSSHKeysign to ``yes''.
ssh-keysign is not intended to be invoked by the user, but from ssh(1). See ssh(1) and sshd(8) for more information about host-based authen-
tication.
FILES
/etc/ssh/ssh_config
Controls whether ssh-keysign is enabled.
/etc/ssh/ssh_host_dsa_key
/etc/ssh/ssh_host_ecdsa_key
/etc/ssh/ssh_host_ed25519_key
/etc/ssh/ssh_host_rsa_key
These files contain the private parts of the host keys used to generate the digital signature. They should be owned by root, read-
able only by root, and not accessible to others. Since they are readable only by root, ssh-keysign must be set-uid root if host-
based authentication is used.
/etc/ssh/ssh_host_dsa_key-cert.pub
/etc/ssh/ssh_host_ecdsa_key-cert.pub
/etc/ssh/ssh_host_ed25519_key-cert.pub
/etc/ssh/ssh_host_rsa_key-cert.pub
If these files exist they are assumed to contain public certificate information corresponding with the private keys above.
SEE ALSO
ssh(1), ssh-keygen(1), ssh_config(5), sshd(8)
HISTORY
ssh-keysign first appeared in OpenBSD 3.2.
AUTHORS
Markus Friedl <markus@openbsd.org>
BSD
December 7, 2013 BSD