Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: SSH password less setup asking for password
Operating Systems Linux Red Hat SSH password less setup asking for password Post 302993300 by os2mac on Wednesday 8th of March 2017 02:01:34 PM
Old 03-08-2017
mode of Directory the key.
Quote:
Originally Posted by rbatte1
Remember that the permissions have to be locked down at both ends so only the owner at the client end ONLY can read the private key and that the userid on the server (target) ONLY can read/write the public key. SSH and other tools that use these keys will check that they are not vulnerable to someone else editing them. You should also check that the directory permissions for .ssh are read/write/execute for the owner ONLY.

Do not allow any other access to these files. The blanket chmod 777 ....... will make prevent you using them. Try chmod 600 ~/.ssh/* and chmod 700 ~/.ssh on both the client and the server.

If it's not any of the above, when you generated the keys I'm wondering if your provided a passphrase. This would require you to enter the passphrase every time to use the keys, so you can't automate it.

It is best practice to have a passphrase for interactive use of the keys. If you wish, you can have multiple keys defined and use the one without a passphrase for automated processing using the -i flag.



I hope that this helps,
Robin

I have run across this time and again and it always takes me a while to remember why. Openssh was specifically written to disallow connection if the permissions of .ssh are too open. see Ubuntu's writeup on this
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

no password ssh

Hello all, I would like to know if anyone had ever set up a network in which they used DHCP and OPENSSH with no password. I can configure my ssh files to allow me to enter any machine without a password as long as I have generated the public and private keysa nd store them in my .ssh/aut... ... (3 Replies)
Discussion started by: larryase
3 Replies

2. Solaris

SSH Password-less login fails on password expiry.

Hi Gurus I have a few Sol 5.9 servers and i have enabled password less authentication between them for my user ID. Often i have found that when my password has expired,the login fails. Resetting my password reenables the keys. Do i need to do something to avoid this scenario or is this... (2 Replies)
Discussion started by: Renjesh
2 Replies

3. Red Hat

SSH Prompts for Password After Keys Setup Successfully

I setup the keys between 2 servers, but my user account has no password specified for it (never set one up on the account for security reasons). When I try to SSH to the server, SSH prompts for a password that doesn't exist (so I can never connect successfully). Note: 'passwd -d Rynok' removes... (3 Replies)
Discussion started by: Rynok
3 Replies

4. UNIX for Dummies Questions & Answers

SSH with no password

How to setup SSH to not require a password when establishing an SSH connection from server A to server B for particular user? (4 Replies)
Discussion started by: sam101
4 Replies

5. Red Hat

setup sudo for cmd exec w/o password

i need to set up a user to execute a restricted command as another user and to be able to do so without entering a password. I understand the security concerns but let's not go there, unless you are really compelled to do so... The directive to permit is that I believe should work and did add to... (2 Replies)
Discussion started by: twk
2 Replies

6. Shell Programming and Scripting

How to setup a password less ftp??

hi, i want to setup a password less FTP to a remote server so that i can ftp to a remote server without the password. i have setup a passwordless ssh and i am able to use scp commands to connect to the remote server without asking for the password. but when i try to ftp to the same remote... (6 Replies)
Discussion started by: Little
6 Replies

7. Solaris

How can i setup ssh password-less login for particular user?

HI Community. I was trying to create ssh password less authentication for one user called night and it's not working for me. These are the steps I followed:- I have logged into the server and issued ssh-ketgen -t rsabash-3.2$ ssh-keygen -t rsa Generating public/private rsa key pair.... (4 Replies)
Discussion started by: bentech4u
4 Replies

8. UNIX for Advanced & Expert Users

Setup Samba Server to always ask user and password

How do I setup a Samba server to always ask to user and password, when a windows user, prints your files using a shared printer through a Samba Linux Server (CUPS)? (0 Replies)
Discussion started by: viga
0 Replies

9. AIX

Verifying a users password on AIX setup with LPA

Hello, We're running AIX 6 & 7. Previously we were using the old encryption techinique (DES/crypt) I have a GUI application that has a verify button (the verify button is sort of a digital signature) - the user clicks it, enters his or her password and we then make a call to a C module, This... (3 Replies)
Discussion started by: evansch
3 Replies

10. Forum Support Area for Unregistered Users & Account Problems

Password sent via reset password email is 'weak' and won't allow me to change my password

I was unable to login and so used the "Forgotten Password' process. I was sent a NEWLY-PROVIDED password and a link through which my password could be changed. The NEWLY-PROVIDED password allowed me to login. Following the provided link I attempted to update my password to one of my own... (1 Reply)
Discussion started by: Rich Marton
1 Replies

LEARN ABOUT NETBSD

ssh-keysign

SSH-KEYSIGN(8)						    BSD System Manager's Manual 					    SSH-KEYSIGN(8)

NAME

     ssh-keysign -- ssh helper program for host-based authentication

SYNOPSIS

     ssh-keysign

DESCRIPTION

     ssh-keysign is used by ssh(1) to access the local host keys and generate the digital signature required during host-based authentication with
     SSH protocol version 2.

     ssh-keysign is disabled by default and can only be enabled in the global client configuration file /etc/ssh/ssh_config by setting
     EnableSSHKeysign to ``yes''.

     ssh-keysign is not intended to be invoked by the user, but from ssh(1).  See ssh(1) and sshd(8) for more information about host-based authen-
     tication.

FILES

     /etc/ssh/ssh_config
	     Controls whether ssh-keysign is enabled.

     /etc/ssh/ssh_host_dsa_key
     /etc/ssh/ssh_host_ecdsa_key
     /etc/ssh/ssh_host_rsa_key
	     These files contain the private parts of the host keys used to generate the digital signature.  They should be owned by root, read-
	     able only by root, and not accessible to others.  Since they are readable only by root, ssh-keysign must be set-uid root if host-
	     based authentication is used.

     /etc/ssh/ssh_host_dsa_key-cert.pub
     /etc/ssh/ssh_host_ecdsa_key-cert.pub
     /etc/ssh/ssh_host_rsa_key-cert.pub
	     If these files exist they are assumed to contain public certificate information corresponding with the private keys above.

SEE ALSO

     ssh(1), ssh-keygen(1), ssh_config(5), sshd(8)

HISTORY

     ssh-keysign first appeared in OpenBSD 3.2.

AUTHORS

     Markus Friedl <markus@openbsd.org>

BSD
								  August 31, 2010							       BSD
All times are GMT -4. The time now is 04:08 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy