08-09-2012
Passwordless ssh
Hi
I have created a user on a linux server and created a passwordless ssh key. I've echoed the key into the authorized_keys file for the user.
I've added a series of forced commands to the key.
From my laptop - logged in as myself - I can ssh into the server as that user and the commands are executed.
All well and good.
How can I alter the key to accept ssh connections as that same user, but from any machine on my network?
At the moment, the key ends with myuser@mylaptop
If I try to ssh from my other laptop as the same user I am prompted for a password and then the command fails.
Thanks in advance
Steady
10 More Discussions You Might Find Interesting
1. AIX
I am trying to implement passwordless authentication via ssh2. I have used the well documented technique of generating a key pair with a blank passphrase on my client machine, and installing the public key on the destination server (AIX 5.3) in the user's .ssh2 directory. I have used this technique... (1 Reply)
Discussion started by: RegX
1 Replies
2. HP-UX
Hi,
Can someone help me on ssh-keygen usage...?
I used ssh-keygen after which "id.pub" file was generated in system1's > .ssh directory...
I copied the same into the remote system system2 > .ssh directory as "authorized_keys" file.
Now i tried ssh connection from system 1 to system... (7 Replies)
Discussion started by: EmbedUX
7 Replies
3. Shell Programming and Scripting
Hi,
I want to login to a remote server and sftp files without password prompting. So, I created private-public key pair as follows:
user1@server1.com .ssh]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user1/.ssh/id_rsa):
Enter... (7 Replies)
Discussion started by: dips_ag
7 Replies
4. AIX
hi all
I have a problem to set up the password ssh login for a non-root user. what I want to do is that non-root user in host A logs into host B without password prompted.
what I did listed as the following steps.
1. genarate a pair of keys from host A.
ssy-keygen -t rsa -N "" -f... (9 Replies)
Discussion started by: rs6000er
9 Replies
5. UNIX for Dummies Questions & Answers
hi,
i have tried with passwordless shh in google..
i followed the below steps ...
user:~> ssh-keygen -t rsa
Enter file in which to save the key (/home/cantin/.ssh/id_rsa):key.txt
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
till this step i... (0 Replies)
Discussion started by: arunmanas
0 Replies
6. Shell Programming and Scripting
My main concern is, i have to login into 300 linux server and all are having same userid and password. I dont want to create any key for each server to login .
Is there a way to run the shell script ? (3 Replies)
Discussion started by: Mani2512
3 Replies
7. Ubuntu
Unable to set ssh passwordless authentication
I am unable to ssh with passwordless authentication from Windows client onto UBuntu server. The ssh version on UBuntu is OpenSSH_5.8p1 Debian-7ubuntu1, OpenSSL 1.0.0e , while SSH on Windows Client is OpenSSH_5.1p1, OpenSSL 0.9.8k. I turned on ssh... (5 Replies)
Discussion started by: tkota
5 Replies
8. Solaris
Hi Experts,
I am trying to setup passwordless ssh for root between two of my solaris servers(say A & B).
I have exchanged the public keys between both servers.
Password less ssh working fine while I try to connect from Server A to Server B.
However it is still asking password... (6 Replies)
Discussion started by: sai_2507
6 Replies
9. Shell Programming and Scripting
Hey team
I have to enable password less authentication betweeen A to B server and A to C server and A to D server.
For this I generated a ssh key on server A using ssh-keygen command and copied the key using ssh-copy-id command to B, C and D server. Everything is working fine as of now but... (5 Replies)
Discussion started by: Sandeep_sandy
5 Replies
10. UNIX for Advanced & Expert Users
Hello Folks,
I lost touch in ssh key gen topics.
I am in need of ssh to a server without password, kindly help me in configuring.
I have two servers,
server1 with user name apha & server1 with user name beta.
I need to ssh to the server2 from server1 with respective users,
Manually i... (3 Replies)
Discussion started by: Thala
3 Replies
LEARN ABOUT CENTOS
pam_ssh_agent_auth
pam_ssh_agent_auth(8) PAM pam_ssh_agent_auth(8)
PAM_SSH_AGENT_AUTH
This module provides authentication via ssh-agent. If an ssh-agent listening at SSH_AUTH_SOCK can successfully authenticate that it has
the secret key for a public key in the specified file, authentication is granted, otherwise authentication fails.
SUMMARY
/etc/pam.d/sudo: auth sufficient pam_ssh_agent_auth.so file=/etc/security/authorized_keys
/etc/sudoers:
Defaults env_keep += "SSH_AUTH_SOCK"
This configuration would permit anyone who has an SSH_AUTH_SOCK that manages the private key matching a public key in
/etc/security/authorized_keys to execute sudo without having to enter a password. Note that the ssh-agent listening to SSH_AUTH_SOCK can
either be local, or forwarded.
Unlike NOPASSWD, this still requires an authentication, it's just that the authentication is provided by ssh-agent, and not password entry.
ARGUMENTS
file=<path to authorized_keys>
Specify the path to the authorized_keys file(s) you would like to use for authentication. Subject to tilde and % EXPANSIONS (below)
allow_user_owned_authorized_keys_file
A flag which enables authorized_keys files to be owned by the invoking user, instead of root. This flag is enabled automatically
whenever the expansions %h or ~ are used.
debug
A flag which enables verbose logging
sudo_service_name=<service name you compiled sudo to use>
(when compiled with --enable-sudo-hack)
Specify the service name to use to identify the service "sudo". When the PAM_SERVICE identifier matches this string, and if PAM_RUSER
is not set, pam_ssh_agent_auth will attempt to identify the calling user from the environment variable SUDO_USER.
This defaults to "sudo".
EXPANSIONS
~ -- same as in shells, a user's Home directory
Automatically enables allow_user_owned_authorized_keys_file if used in the context of ~/. If used as ~user/, it would expect the file
to be owned by 'user', unless you explicitely set allow_user_owned_authorized_keys_file
%h -- User's Home directory
Automatically enables allow_user_owned_authorized_keys_file
%H -- The short-hostname
%u -- Username
%f -- FQDN
EXAMPLES
in /etc/pam.d/sudo
"auth sufficient pam_ssh_agent_auth.so file=~/.ssh/authorized_keys"
The default .ssh/authorized_keys file in a user's home-directory
"auth sufficient pam_ssh_agent_auth.so file=%h/.ssh/authorized_keys"
Same as above.
"auth sufficient pam_ssh_agent_auth.so file=~fred/.ssh/authorized_keys"
If the home-directory of user 'fred' was /home/fred, this would expand to /home/fred/.ssh/authorized_keys. In this case, we have not
specified allow_user_owned_authorized_keys_file, so this file must be owned by 'fred'.
"auth sufficient pam_ssh_agent_auth.so file=/secure/%H/%u/authorized_keys allow_user_owned_authorized_keys_file"
On a host named foobar.baz.com, and a user named fred, would expand to /secure/foobar/fred/authorized_keys. In this case, we specified
allow_user_owned_authorized_keys_file, so fred would be able to manage that authorized_keys file himself.
"auth sufficient pam_ssh_agent_auth.so file=/secure/%f/%u/authorized_keys"
On a host named foobar.baz.com, and a user named fred, would expand to /secure/foobar.baz.com/fred/authorized_keys. In this case, we
have not specified allow_user_owned_authorized_keys_file, so this file must be owned by root.
v0.8 2009-08-09 pam_ssh_agent_auth(8)