03-24-2016
Add your public SSH key to the
.ssh/authorized_keys file in the users home directory.
If you don't have an SSH key pair, generate one with
ssh-keygen. If you give it a password while generating, you'll need to enter that password when logging in, so I'm guessing you'll want to leave that blank.
You also have to make sure permissions are set correctly on various files and folders:
- Home dir: no more than 755 (not group or world writable).
- .ssh dir: no more than 755 (not group or world writable). (mkdir -m755
- authorized_keys file: not more than 644 (not group or world writable)
- id_rsa.pub (Public key) file: not more than 644 (not group or world writeable)
- id_rsa (Private key) file: not more than 600 (not group or world readable)
Last edited by acascianelli; 03-24-2016 at 04:16 PM..
10 More Discussions You Might Find Interesting
1. HP-UX
There is two server, server A and server B. In server A, I would like to login ssh to server B without typing password. (no need for ssh2)
Therefore, I do the followings:
Server A:
>cd ~
>mkdir .ssh
>ssh-keygen -t dsa -f .ssh/id_dsa
Then copy the file id_dsa.pub to Server B
Server B:... (2 Replies)
Discussion started by: alfredo
2 Replies
2. Solaris
Hi Gurus
I have a few Sol 5.9 servers and i have enabled password less authentication between them for my user ID. Often i have found that when my password has expired,the login fails.
Resetting my password reenables the keys.
Do i need to do something to avoid this scenario or is this... (2 Replies)
Discussion started by: Renjesh
2 Replies
3. Shell Programming and Scripting
ssh/sftp login by passing password , is it possible.Don't want to expect. (1 Reply)
Discussion started by: dinjo_jo
1 Replies
4. Solaris
Hi,
I am using DSEE 6.3 to authenticate and authorize my Solaris 9 and 10 users. Everything works fine except password expiration. I use built-in global password policy for all users. The policy works well. However I could not find the right pam configuration in order to prompt users at ssh... (2 Replies)
Discussion started by: niyazi
2 Replies
5. Shell Programming and Scripting
Hello,
I need to find a way to connect from server1 to 30 other servers using a single line command in order to run various command from the other 30 servers.
I am looking for a single line connection command in which i can provide the server name user name and password and connect to the... (2 Replies)
Discussion started by: LiorAmitai
2 Replies
6. Emergency UNIX and Linux Support
Hi All,
I am facing issue in setting up passwordless login through ssh on two Solaris-10 boxes. user-id ravrwa from server tsapiq04-zrwdq01 should be able to login to server tsbrit03 as cpsuserq, which is not happening. I am not sure where is the problem, while keys are already all set. Here is... (14 Replies)
Discussion started by: solaris_1977
14 Replies
7. Solaris
Hello friends,
I have the problem with password less login in solaris 10.
Issue : In solaris 10 I have 2 different users on is oracle and the other is archmon. when I try to ssh to the other server from oracle it is successful but when I try to ssh from archmon it fails, and it asks for the... (1 Reply)
Discussion started by: Pavankrv
1 Replies
8. Cybersecurity
Hi,
I have setup password less ssh connection between Server A and Server B and I am able to connect with User2.
But my requirement is, User 1 run a script in Server A to ssh into Server B as User 2 but it is asking password every time I execute.
Server A:
Login as User 1 and execute sh... (8 Replies)
Discussion started by: sakthi.99it
8 Replies
9. Cybersecurity
Hi,
It is continuation with my other thread, The issue i found is U1 does not set properly for password less ssh.
for setting up password less ssh i followed the following steps
1. ssh-keygen
2. ssh-copy-id -i ~/.ssh/id_rsa.pub hostname
3. /usr/bin/ssh -t -t U1@hostname sample.sh
... (3 Replies)
Discussion started by: sakthi.99it
3 Replies
10. Solaris
HI Community.
I was trying to create ssh password less authentication for one user called night and it's not working for me.
These are the steps I followed:-
I have logged into the server and issued ssh-ketgen -t rsabash-3.2$ ssh-keygen -t rsa
Generating public/private rsa key pair.... (4 Replies)
Discussion started by: bentech4u
4 Replies
LEARN ABOUT FREEBSD
ssh-keysign
SSH-KEYSIGN(8) BSD System Manager's Manual SSH-KEYSIGN(8)
NAME
ssh-keysign -- ssh helper program for host-based authentication
SYNOPSIS
ssh-keysign
DESCRIPTION
ssh-keysign is used by ssh(1) to access the local host keys and generate the digital signature required during host-based authentication with
SSH protocol version 2.
ssh-keysign is disabled by default and can only be enabled in the global client configuration file /etc/ssh/ssh_config by setting
EnableSSHKeysign to ``yes''.
ssh-keysign is not intended to be invoked by the user, but from ssh(1). See ssh(1) and sshd(8) for more information about host-based authen-
tication.
FILES
/etc/ssh/ssh_config
Controls whether ssh-keysign is enabled.
/etc/ssh/ssh_host_dsa_key
/etc/ssh/ssh_host_ecdsa_key
/etc/ssh/ssh_host_ed25519_key
/etc/ssh/ssh_host_rsa_key
These files contain the private parts of the host keys used to generate the digital signature. They should be owned by root, read-
able only by root, and not accessible to others. Since they are readable only by root, ssh-keysign must be set-uid root if host-
based authentication is used.
/etc/ssh/ssh_host_dsa_key-cert.pub
/etc/ssh/ssh_host_ecdsa_key-cert.pub
/etc/ssh/ssh_host_ed25519_key-cert.pub
/etc/ssh/ssh_host_rsa_key-cert.pub
If these files exist they are assumed to contain public certificate information corresponding with the private keys above.
SEE ALSO
ssh(1), ssh-keygen(1), ssh_config(5), sshd(8)
HISTORY
ssh-keysign first appeared in OpenBSD 3.2.
AUTHORS
Markus Friedl <markus@openbsd.org>
BSD
December 7, 2013 BSD