10-09-2012
prompting for passwords even i configured ssh password less authentication
There are two servers :
1. Site
2. Testing
from site server i want to connect testing server with ssh password less authentication.
i generated public and private keys with
ssh-keygen -t rsa on site server.
cat id_rsa >> authorized_keys
cat id_rsa.pub >> authorized_keys
i appended id_rsa.pub ( public key site server ) to authorized_keys ( testing server ) with below command .
ssh oracle@testing.fgho.com "cat >> ~/.ssh/authorized_keys" < ~/.ssh/id_rsa.pub
am i missing some point in performing procedure for ssh password less authentication ?
because it prompts for passwords agaian and again
one thing i want to tell u that i am doing all above procedure with oracle user .
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
Hi,
Can anybody tell me a way to do ssh , without prompting for password from keyboard, Using RSA. The requirement is I need to create the key , using passphrase also.....
Is there any way to do it in UNIX ?
I am doing it from AIX machine , but remote machine is Linux
I tried... (8 Replies)
Discussion started by: shihabvk
8 Replies
2. HP-UX
Hello,
Do you guys know set of commands that can incorporate to sftp/scp/ssh to add password in a script to automate file transfer.
Our client is not using ssh keys authentication so we are force to create a script to pass the password into the script to transfer files via sftp/scp/ssh.
We... (4 Replies)
Discussion started by: james_falco
4 Replies
3. Red Hat
Hi Gurus,
I have been working on encrypting a partition in a Fedora box and have successfully encrypted a partition(By name /test) using "cryptsetup & luks".
The below command was put up in a runcontrol file which is called during bootup to automount them during bootup.
cat... (0 Replies)
Discussion started by: Hari_Ganesh
0 Replies
4. Programming
Hi,
I have set up my remote server for password-less login via ssh. If I run the command on my server - ssh user@remoteserver "ls -l"
I get an output, but when I try to do this via java
String sCmd = new String{"/usr/bin/ssh", " user@remoteserver", "\"ls -l\""};
Process p =... (3 Replies)
Discussion started by: nrworld
3 Replies
5. UNIX for Dummies Questions & Answers
Hi!
Im trying to set access from ServerA(SunOS) to ServerB(Some custom Linux with Keyboard Interactive login) with SSH Keys. As a proof of concept I was able to do it between 2 virtual machines. Now in my real life scenario it isnt working.
I created the keys in ServerA, copied them to... (7 Replies)
Discussion started by: RedSpyder
7 Replies
6. UNIX for Dummies Questions & Answers
Hello,
I'm trying to perform these operations without entering any password, as user "fzd":fzd@machine1> scp /tmp/srcFile1 fzd@machine2:/tmp/$destFile
fzd@machine1> scp fzd@machine2:/tmp/$srcFile /tmp/$destFilebut alsofzd@machine1> scp /tmp/srcFile1 machine2:/tmp/$destFile
fzd@machine1> scp... (6 Replies)
Discussion started by: fzd
6 Replies
7. Shell Programming and Scripting
Hi,
I have SVN installed in my UNIX solaris server.
I actually automated the process that downloads code from SVN server to UNIX solaris server in script. When i run the script, its asking for password to download every element.
Its really difficult to type password for every element when... (3 Replies)
Discussion started by: gthangav
3 Replies
8. Shell Programming and Scripting
Hi,
When i am trying to connect to other server using ssh coomand, it is prompting for password.
But i want to hardcode it with username so that it should not prompt for password.
And i dont want to use "ssh-keygen" method as it is not allowed.
Please help me.
Regards,
Mukta (7 Replies)
Discussion started by: Mukta
7 Replies
9. Shell Programming and Scripting
Hi All,
I am trying to transfer a file from one server to a remote server using SFTP. Client is not ready for key setup.
I am working on Solaris 10.
Here is the code.
#!/bin/ksh
# sample automatic Sftp script to dump a file
USER="user1"
PASSWORD="pass1"
HOST="host1"
sftp $USER@$HOST... (6 Replies)
Discussion started by: megha2525
6 Replies
10. Shell Programming and Scripting
Hi,
I need to run a script located in a directory on remote server by using ssh authentication from my local unix server. Can anyone help me in this.
I have tried the below command. It worked for echo command but when i tried to open a file using cat command it is showing "cat: cannot open... (6 Replies)
Discussion started by: ssk250
6 Replies
LEARN ABOUT CENTOS
pam_ssh_agent_auth
pam_ssh_agent_auth(8) PAM pam_ssh_agent_auth(8)
PAM_SSH_AGENT_AUTH
This module provides authentication via ssh-agent. If an ssh-agent listening at SSH_AUTH_SOCK can successfully authenticate that it has
the secret key for a public key in the specified file, authentication is granted, otherwise authentication fails.
SUMMARY
/etc/pam.d/sudo: auth sufficient pam_ssh_agent_auth.so file=/etc/security/authorized_keys
/etc/sudoers:
Defaults env_keep += "SSH_AUTH_SOCK"
This configuration would permit anyone who has an SSH_AUTH_SOCK that manages the private key matching a public key in
/etc/security/authorized_keys to execute sudo without having to enter a password. Note that the ssh-agent listening to SSH_AUTH_SOCK can
either be local, or forwarded.
Unlike NOPASSWD, this still requires an authentication, it's just that the authentication is provided by ssh-agent, and not password entry.
ARGUMENTS
file=<path to authorized_keys>
Specify the path to the authorized_keys file(s) you would like to use for authentication. Subject to tilde and % EXPANSIONS (below)
allow_user_owned_authorized_keys_file
A flag which enables authorized_keys files to be owned by the invoking user, instead of root. This flag is enabled automatically
whenever the expansions %h or ~ are used.
debug
A flag which enables verbose logging
sudo_service_name=<service name you compiled sudo to use>
(when compiled with --enable-sudo-hack)
Specify the service name to use to identify the service "sudo". When the PAM_SERVICE identifier matches this string, and if PAM_RUSER
is not set, pam_ssh_agent_auth will attempt to identify the calling user from the environment variable SUDO_USER.
This defaults to "sudo".
EXPANSIONS
~ -- same as in shells, a user's Home directory
Automatically enables allow_user_owned_authorized_keys_file if used in the context of ~/. If used as ~user/, it would expect the file
to be owned by 'user', unless you explicitely set allow_user_owned_authorized_keys_file
%h -- User's Home directory
Automatically enables allow_user_owned_authorized_keys_file
%H -- The short-hostname
%u -- Username
%f -- FQDN
EXAMPLES
in /etc/pam.d/sudo
"auth sufficient pam_ssh_agent_auth.so file=~/.ssh/authorized_keys"
The default .ssh/authorized_keys file in a user's home-directory
"auth sufficient pam_ssh_agent_auth.so file=%h/.ssh/authorized_keys"
Same as above.
"auth sufficient pam_ssh_agent_auth.so file=~fred/.ssh/authorized_keys"
If the home-directory of user 'fred' was /home/fred, this would expand to /home/fred/.ssh/authorized_keys. In this case, we have not
specified allow_user_owned_authorized_keys_file, so this file must be owned by 'fred'.
"auth sufficient pam_ssh_agent_auth.so file=/secure/%H/%u/authorized_keys allow_user_owned_authorized_keys_file"
On a host named foobar.baz.com, and a user named fred, would expand to /secure/foobar/fred/authorized_keys. In this case, we specified
allow_user_owned_authorized_keys_file, so fred would be able to manage that authorized_keys file himself.
"auth sufficient pam_ssh_agent_auth.so file=/secure/%f/%u/authorized_keys"
On a host named foobar.baz.com, and a user named fred, would expand to /secure/foobar.baz.com/fred/authorized_keys. In this case, we
have not specified allow_user_owned_authorized_keys_file, so this file must be owned by root.
v0.8 2009-08-09 pam_ssh_agent_auth(8)