Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: [Solved] SSH key authentication problem
Top Forums UNIX for Advanced & Expert Users [Solved] SSH key authentication problem Post 302844371 by bakunin on Monday 19th of August 2013 05:13:59 AM
Old 08-19-2013
Quote:
Originally Posted by lovelysethii
but while connecting to the servers, it is still asking for password.
Not sure if this needs mentioning, but: you understand, that by what you did describe you can only log in to serverB coming from serverA, and only with the user you used on serverA to generate the key as the user on serverB you copied the public key to, don't you?

I suggest:

Create a directory "~/.ssh" for every user you want to use ssh (this is the default location for the identity files, so you won't have to use the "-i" switch).

Make the file mode for this directory "0700" and the files in there "0600", ssh can become picky about this, especially, if the files have to many privileges granted.

Make sure you have exchanged all the necessary keys: suppose you have "userA" and "userB" on each serverA and serverB. To make sure every user can connect to any other user each has to exchange his key with the three others: a key is only valid for one user/server combination to another user/server-combination, not even in the other direction.

I hope this helps.

bakunin
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

SSH key authentication

Hi all, I have got a Solaris machine and I have several user account setup up with the .ssh and authorized_keys file in their home directories. I have check all the permission and ownership and they are all indentical and belongs to the user ID and group respectively. However one of the... (3 Replies)
Discussion started by: stancwong
3 Replies

2. Shell Programming and Scripting

Disable SSH key authentication

Hello Guys, I need your help. I am trying to create a script to change password for multipls servers but having problem when it comes to ssh key authentication. Does anyone have a sample script that will disable ssh key authentication for multiple servers?;) (3 Replies)
Discussion started by: youdexter
3 Replies

3. UNIX for Dummies Questions & Answers

Public Key Authentication over SSH and Sudo-ing Implementation

Hi, We are currently implementing an Identity Management application which has several Unix systems as its target system. A pre-defined connector will be installed to provide connection between the Identity Management application and the Unix target system. The connection will use Public Key... (1 Reply)
Discussion started by: tristanD
1 Replies

4. Shell Programming and Scripting

ssh key based authentication - force

Hi Team, we have problem with sftp. Though SA team has setup the keys between 2 server, sftp still prompts for the password. After many attempt to rectify the problem, SA has asked us force the SSH key based authentication by using following command. sftp2 --indetity="folder/private_key"... (6 Replies)
Discussion started by: ace_friends22
6 Replies

5. Red Hat

SSH Public key Authentication Issue

Hi All; I have an issue with password less authentication via ssh ( v2) I have two servers Server A and Server B, following are the server details Server A OS - HP UX B.11.11 U 9000/800 SSH - OpenSSH_4.3p2-hpn, OpenSSL 0.9.7i 14 Oct 2005 HP-UX Secure Shell-A.04.30.000, HP-UX... (3 Replies)
Discussion started by: maverick_here
3 Replies

6. Solaris

Solaris 8 ssh public key authentication issue - Server refused our key

Hi, I've used the following way to set ssh public key authentication and it is working fine on Solaris 10, RedHat Linux and SuSE Linux servers without any problem. But I got error 'Server refused our key' on Solaris 8 system. Solaris 8 uses SSH2 too. Why? Please help. Thanks. ... (1 Reply)
Discussion started by: aixlover
1 Replies

7. UNIX for Advanced & Expert Users

Is SSH Key Authentication Disabled?

I setup passwordless authentication on a Ubuntu vm by ssh'ing into the localhost. I'm trying to do the same thing on another machine but it's not working. I believe I have the permissions setup properly and keygen'd. Is there a way to disable passwordless authentication? I have permission to... (4 Replies)
Discussion started by: MaindotC
4 Replies

8. Red Hat

ssh private key passwordless authentication

Hello, Need a suggestion to setup private key passwordless authentication. I am not sure this can done or not :wall: here is the sincerio I have two servers, sever1 with a user "user1" and servera with usera here dataflow: usera from servera, will pull/push files to server1 on user1... (2 Replies)
Discussion started by: bobby320
2 Replies

9. UNIX for Advanced & Expert Users

SSH key authentication problem with 2 servers

hi All, this issue is regarding ssh key authentication, although i have performed this activity on two separate servers, now i have to configure the same again on 2 more servers. i did everything what i did earlier but this time i am getting some error, and i am unable to understand what exactly... (2 Replies)
Discussion started by: lovelysethii
2 Replies

10. IP Networking

Cygwin remote ssh with key authentication method

Hi experts, I am not sure in which forum to submit this question. If this is not the correct place then please let me know where to submit this thread. My requirement is to invoke windows batch scripts from linux shell script. Hence, I have installed openssh in Cygwin on the windows machine.... (2 Replies)
Discussion started by: ahmedwaseem2000
2 Replies

LEARN ABOUT REDHAT

ssh-add

SSH-ADD(1)						    BSD General Commands Manual 						SSH-ADD(1)

NAME

     ssh-add -- adds RSA or DSA identities to the authentication agent

SYNOPSIS

     ssh-add [-lLdDxX] [-t life] [file ...]
     ssh-add -s reader
     ssh-add -e reader

DESCRIPTION

     ssh-add adds RSA or DSA identities to the authentication agent, ssh-agent(1).  When run without arguments, it adds the files
     $HOME/.ssh/id_rsa, $HOME/.ssh/id_dsa and $HOME/.ssh/identity.  Alternative file names can be given on the command line.  If any file requires
     a passphrase, ssh-add asks for the passphrase from the user.  The passphrase is read from the user's tty.	ssh-add retries the last
     passphrase if multiple identity files are given.

     The authentication agent must be running and must be an ancestor of the current process for ssh-add to work.

     The options are as follows:

     -l      Lists fingerprints of all identities currently represented by the agent.

     -L      Lists public key parameters of all identities currently represented by the agent.

     -d      Instead of adding the identity, removes the identity from the agent.

     -D      Deletes all identities from the agent.

     -x      Lock the agent with a password.

     -X      Unlock the agent.

     -t life
	     Set a maximum lifetime when adding identities to an agent.  The lifetime may be specified in seconds or in a time format specified in
	     sshd(8).

     -s reader
	     Add key in smartcard reader.

     -e reader
	     Remove key in smartcard reader.

FILES

     $HOME/.ssh/identity
	     Contains the protocol version 1 RSA authentication identity of the user.

     $HOME/.ssh/id_dsa
	     Contains the protocol version 2 DSA authentication identity of the user.

     $HOME/.ssh/id_rsa
	     Contains the protocol version 2 RSA authentication identity of the user.

     Identity files should not be readable by anyone but the user.  Note that ssh-add ignores identity files if they are accessible by others.

ENVIRONMENT

     DISPLAY and SSH_ASKPASS
	     If ssh-add needs a passphrase, it will read the passphrase from the current terminal if it was run from a terminal.  If ssh-add does
	     not have a terminal associated with it but DISPLAY and SSH_ASKPASS are set, it will execute the program specified by SSH_ASKPASS and
	     open an X11 window to read the passphrase.  This is particularly useful when calling ssh-add from a .Xsession or related script.
	     (Note that on some machines it may be necessary to redirect the input from /dev/null to make this work.)

     SSH_AUTH_SOCK
	     Identifies the path of a unix-domain socket used to communicate with the agent.

DIAGNOSTICS

     Exit status is 0 on success, 1 if the specified command fails, and 2 if ssh-add is unable to contact the authentication agent.

AUTHORS

     OpenSSH is a derivative of the original and free ssh 1.2.12 release by Tatu Ylonen.  Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
     Theo de Raadt and Dug Song removed many bugs, re-added newer features and created OpenSSH.  Markus Friedl contributed the support for SSH
     protocol versions 1.5 and 2.0.

SEE ALSO

     ssh(1), ssh-agent(1), ssh-keygen(1), sshd(8)

BSD
								September 25, 1999							       BSD
All times are GMT -4. The time now is 09:37 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy