ssh keys have nothing at all to do with sudo. You have to set up /etc/sudoers to grant you the privilege.
The issue is with paswordless login using ssh.
I wrote a switchuser.sh script as below.
I was expecting that sh switchuser.sh user2 would help passwordless login.
But, instead i get the below error:
Quote:
mymac://home/myapp/user1> sh switchuser.sh user2
user2@mymac
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0777 for '/home/myapp/user1/.ssh/id_rsa' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: /home/myapp/user1/.ssh/id_rsa
Password:
I am trying to set up ssh/scp to be able to login in w/o using a password. The man pages for ssh and ssh-keygen explain how to do this.
So, using "rsa1" style, I created the public and private keys by way of ssh-keygen, then added the contents of "$HOME/.ssh/identity.pub" to a newly created... (6 Replies)
Hi Gurus,
Wanted to know if there is a way to enable passwordless login between specific users in a Solaris (5.9)server.
I copied the public key of first user into the $HOME/.ssh/authorized_keys file of the second user. But it didn't work out.
Note - Am talking about users in the same... (9 Replies)
Hi GUYS,
Me have 2 servers, eg:: A & B
id_dsa.pub key of B had been put in authorized_keys of A & Vice versa
Passwordless login going from A to B.
But while connecting from B to A ,its asking password
Any one please help me out.. (6 Replies)
Greetings!
I am trying to perform a passwordless SSH login from a HPUX 11.31 client to a HPUX 11.31 server. Whenever I do a "ssh -l root serverA" from the client, I am prompted for a password. Giving the password, I am able to successfully login. However I am trying to accomplish a... (9 Replies)
This is Solaris 10 and sorce+destination are non root user. Somehow it is broke and I am not able to fix it. Already checked permissions on both servers and authorized_keys entry of destination is same as id_rsa.pub of source server. I can not regenerate keys on source server because I do not know,... (0 Replies)
Hi,
I am in the process FTPing some of my report files from my production server to another FTP server through batch/Shell Script.
This is working fine with the password less authentication.
Once i place all my report files in the ftp server the end users need to download ... (3 Replies)
Hello Experts,
I am trying to setup passwordless sftp from one of linux box to solaris box.
I have generated key-pair and below is the permissions of the respective files.
drwx------. 2 sftpuser sftpuser 4096 Dec 17 23:57 .ssh
drwx------. 2 sftpuser sftpuser 4096 Dec 17 23:57 .... (16 Replies)
how can i use an expect script to do a passwordless ssh login and run a script on a bunch of remote hosts? I do not want to use public key authentication as this would require me to setup the keys on the clients etc.... (2 Replies)
Hi Friends,
I was successfully able to login passwordlessly to server 1.1.1.2 from server 1.1.1.1 by following the below steps. I had already generated the keys using (ssh-keygen -t rsa) once and i am assuming i do not have to do that again.
ssh id@1.1.1.2 mkdir -p .ssh
cat... (8 Replies)
Discussion started by: srkmish
8 Replies
LEARN ABOUT DEBIAN
ssh-keysign
SSH-KEYSIGN(8) BSD System Manager's Manual SSH-KEYSIGN(8)NAME
ssh-keysign -- ssh helper program for host-based authentication
SYNOPSIS
ssh-keysign
DESCRIPTION
ssh-keysign is used by ssh(1) to access the local host keys and generate the digital signature required during host-based authentication with
SSH protocol version 2.
ssh-keysign is disabled by default and can only be enabled in the global client configuration file /etc/ssh/ssh_config by setting
EnableSSHKeysign to ``yes''.
ssh-keysign is not intended to be invoked by the user, but from ssh(1). See ssh(1) and sshd(8) for more information about host-based authen-
tication.
FILES
/etc/ssh/ssh_config
Controls whether ssh-keysign is enabled.
/etc/ssh/ssh_host_dsa_key
/etc/ssh/ssh_host_ecdsa_key
/etc/ssh/ssh_host_rsa_key
These files contain the private parts of the host keys used to generate the digital signature. They should be owned by root, read-
able only by root, and not accessible to others. Since they are readable only by root, ssh-keysign must be set-uid root if host-
based authentication is used.
/etc/ssh/ssh_host_dsa_key-cert.pub
/etc/ssh/ssh_host_ecdsa_key-cert.pub
/etc/ssh/ssh_host_rsa_key-cert.pub
If these files exist they are assumed to contain public certificate information corresponding with the private keys above.
SEE ALSO ssh(1), ssh-keygen(1), ssh_config(5), sshd(8)HISTORY
ssh-keysign first appeared in OpenBSD 3.2.
AUTHORS
Markus Friedl <markus@openbsd.org>
BSD August 31, 2010 BSD