02-19-2012
Even after installing public key on the target host, and updating the authorized file, ssh will prompt for a password should file permissions on the ~/.ssh directory, and files within, not be what ssh expects/desires. The quote below is from the ssh manual page and lists good settings:
Quote:
~/.ssh/
This directory is the default location for all user-specific configuration and authentication information. There is no general requirement to keep the entire contents of this directory secret, but the recommended permissions are read/write/execute for the user, and not accessible by others.
~/.ssh/authorized_keys
Lists the public keys (RSA/DSA) that can be used for logging in as this user. The format of this file is described in the sshd(8) manual page. This file is not highly sensitive, but the recommended permissions are read/write for the user, and not accessible by others.
~/.ssh/config
This is the per-user configuration file. The file format and configuration options are described in ssh_config(5). Because of the potential for abuse, this file must have strict permissions: read/write for the user, and not accessible by others.
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
This morning I was working by Xwindow to my unix server (hp-ux, 11 version), without any problem but this afteernoon, the connections was refused, and triying to connect using telnet, sometimes I can establish the connection and refuses me in a minute, the error message that appears is "your... (1 Reply)
Discussion started by: fvicente
1 Replies
2. UNIX for Dummies Questions & Answers
Hi,
I need to implement sftp between server 1 and server2.
I have already generated the public key using account user1 on server 1 and and sent it to the administrator of server2.
I have also finished updating the identification file at /home/user1/.ssh2
I have an account created... (11 Replies)
Discussion started by: tansha
11 Replies
3. Shell Programming and Scripting
Hi All,
I am trying to connect from Unix machine to Windows 2003 server using passphrase method. It is connecting to the server and the connection is immediately closing. Below is the stack trace. Can anyone let me know what wrong with it?
cwadmin@iut1wps1:/home/cwadmin> ssh username@targetip... (1 Reply)
Discussion started by: vijayin
1 Replies
4. Shell Programming and Scripting
Hi guyz,
I have a Solaris 5.9 box from which i need to connect to a windows server using Coreftp (passwordless login). Coreftp is installed on windows and in solaris, it is already available.I generated a pair of key(public,private) in windows and specify pub key over there, edit the know_hosts... (7 Replies)
Discussion started by: Renjesh
7 Replies
5. Solaris
Hi,
Earlier, I have configured SFTP successfully in my prev jobs.
This time I have to configure SFTP for local server (uses SSH2) and remote server (uses SSH).
I tried to search the forum. I did not find the right thread.
I appreciate your help.
The following is the additional info
>... (5 Replies)
Discussion started by: bobbygsk
5 Replies
6. UNIX for Dummies Questions & Answers
Hi,
After logging in to a server, Can I open a new sftp connection to the same server from the same server itself. Does it have any connection issues/limitations for ports etc. and can I copy/move files using the new sftp connection in the same server. Do we have any limitations of opening new... (1 Reply)
Discussion started by: Mathews567
1 Replies
7. UNIX for Dummies Questions & Answers
Hi,
I am not able to give the password in Unix script for SFTP connection.
When I am trying to manully SFTP command for accessing the server , it asking for pwd and I could provide the pwd but I am not getting how to provide the pwd inside the Unix script.
sftp -v user@xyz.com.
... (4 Replies)
Discussion started by: Vineeta Nigam
4 Replies
8. Shell Programming and Scripting
hi
i need to transfer some files from windows server to unix server using SFTP. but before transferring the files, i need to check the
existence of a particular file in the remote directory (say r_dir1). if the file is present, then SFTP all the files.
after SFTPing the files from the remote... (1 Reply)
Discussion started by: vinit raj
1 Replies
9. Shell Programming and Scripting
hi guys,
i need a script to sftp the file from windows to unix server ....(before that i have to check whether the file exists in the windows server or not
and again i have to reverse sftp the files from unix to windows server.....
regards,
Vasa Saikumar. (13 Replies)
Discussion started by: hemanthsaikumar
13 Replies
10. Windows & DOS: Issues & Discussions
HI ,
I am trying to make a passwordless sftp connection from a unix server to windows server
I have used a existing script which is like this
cd /home150/adm/.ssh/
ssh-agent /usr/bin/ksh <<EOF
ssh-add IDBNEWKEY
ssh-add -l
sftp IDBUSER@abc.com
cd /home/IDBUSER/Share/IDB/
rm ${FILE}... (0 Replies)
Discussion started by: Jcpratap
0 Replies
LEARN ABOUT MOJAVE
ssh-keysign
SSH-KEYSIGN(8) BSD System Manager's Manual SSH-KEYSIGN(8)
NAME
ssh-keysign -- ssh helper program for host-based authentication
SYNOPSIS
ssh-keysign
DESCRIPTION
ssh-keysign is used by ssh(1) to access the local host keys and generate the digital signature required during host-based authentication.
ssh-keysign is disabled by default and can only be enabled in the global client configuration file /etc/ssh/ssh_config by setting
EnableSSHKeysign to ``yes''.
ssh-keysign is not intended to be invoked by the user, but from ssh(1). See ssh(1) and sshd(8) for more information about host-based authen-
tication.
FILES
/etc/ssh/ssh_config
Controls whether ssh-keysign is enabled.
/etc/ssh/ssh_host_dsa_key
/etc/ssh/ssh_host_ecdsa_key
/etc/ssh/ssh_host_ed25519_key
/etc/ssh/ssh_host_rsa_key
These files contain the private parts of the host keys used to generate the digital signature. They should be owned by root, read-
able only by root, and not accessible to others. Since they are readable only by root, ssh-keysign must be set-uid root if host-
based authentication is used.
/etc/ssh/ssh_host_dsa_key-cert.pub
/etc/ssh/ssh_host_ecdsa_key-cert.pub
/etc/ssh/ssh_host_ed25519_key-cert.pub
/etc/ssh/ssh_host_rsa_key-cert.pub
If these files exist they are assumed to contain public certificate information corresponding with the private keys above.
SEE ALSO
ssh(1), ssh-keygen(1), ssh_config(5), sshd(8)
HISTORY
ssh-keysign first appeared in OpenBSD 3.2.
AUTHORS
Markus Friedl <markus@openbsd.org>
BSD
February 17, 2016 BSD