01-24-2018
Common problems include the files at both sides being world readable. SSH is designed to stop you thinking you are secure but actually credentials could be stolen or adjusted by anyone, e.g. if the authorized_keys can be written by anyone, then they could add their own public key and sign on as that account. If someone can read your private key, then they can access anything you can.
I'm probably over paranoid, but I change the directory ~/.ssh to be mode 700 and the files within to be mode 600. Obviously they must be owned by the correct user.
This might be a quick fix, but it might be totally wrong. Can you show use the output from an ssh -v user@server attempt?
Kind regards,
Robin
9 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
$ errpt | more
IDENTIFIER TIMESTAMP T C RESOURCE_NAME DESCRIPTION
3074FEB7 0802050205 T H fscsi1 ADAPTER ERROR
B8113DD1 0802050205 T H fcs1 LINK ERROR
B8113DD1 0802050205 T H fcs1 LINK ERROR
3074FEB7 0802050205 T H fscsi0 ADAPTER ERROR
B8113DD1 ... (0 Replies)
Discussion started by: mcastill66
0 Replies
2. AIX
$ errpt | more
IDENTIFIER TIMESTAMP T C RESOURCE_NAME DESCRIPTION
3074FEB7 0802050205 T H fscsi1 ADAPTER ERROR
B8113DD1 0802050205 T H fcs1 LINK ERROR
B8113DD1 0802050205 T H fcs1 LINK ERROR
3074FEB7 0802050205 T H fscsi0 ADAPTER ERROR
B8113DD1 ... (2 Replies)
Discussion started by: mcastill66
2 Replies
3. UNIX for Dummies Questions & Answers
Hi all, dummy here.... I have major errors on entering the shell. On login I get:
-bash: dircolors: command not found
-bash: tr: command not found
-bash: fgrep: command not found
-bash: grep: command not found
-bash: grep: command not found
-bash: id: command not found
-bash: [: =: unary... (12 Replies)
Discussion started by: wcmmlynn
12 Replies
4. UNIX for Advanced & Expert Users
hellow Experts,
I want to know that whenever i run ssh command,
i get this error
> ssh username@x.x.x.x
ssh: connect to host x.x.x.x port 22: No route to host
or
connection refused
i want to know the exact reason for these errors ..
like because of firewall , no physical conection ,... (3 Replies)
Discussion started by: luckypower
3 Replies
5. Solaris
Hi
I am trying to scp a file between to servers (both on same subnet and can see each other). However, whenever I try I get the following error:
ld.so.1: ssh: fatal: relocation error: file /usr/local/bin/ssh: symbol EVP_CIPHER_CTX_key_length: referenced symbol not found
lost connection
I... (4 Replies)
Discussion started by: skewbie
4 Replies
6. UNIX for Dummies Questions & Answers
Hi folks, I'm having some rather odd trouble with ssh. It all started when I tried to create rsa public/private keys to login to a remote ssh account. The account is on a university server and the address redirects to several different machines so (following their wiki instructions...sigh) I... (9 Replies)
Discussion started by: daytripper
9 Replies
7. UNIX for Dummies Questions & Answers
This issue was resolved due to using the correct user transferring the file over to the desktop. (1 Reply)
Discussion started by: Computergal2104
1 Replies
8. Shell Programming and Scripting
I have write a script which contains
ssh -p 12345 dcplatform@10.125.42.50
ssh 127.0.0.1 -p 5555 "$CMD"
ssh root@$GUEST_IP "$CMD"
before I use public key, it works well, now I want to change to "expect", BUT I don't want to change above code and "parameter position"
I can post a... (1 Reply)
Discussion started by: yanglei_fage
1 Replies
9. UNIX for Beginners Questions & Answers
Hi,
I want to validate ssh connection one after one for multiple servers..... password less keys already setup but now i want to validate if ssh is working fine or not...
I have .sh script like below and i have servers.txt contains all the list of servers
#/bin/bash
for host in $(cat... (3 Replies)
Discussion started by: sreeram4
3 Replies
LEARN ABOUT LINUX
ssh-keysign
SSH-KEYSIGN(8) BSD System Manager's Manual SSH-KEYSIGN(8)
NAME
ssh-keysign -- ssh helper program for host-based authentication
SYNOPSIS
ssh-keysign
DESCRIPTION
ssh-keysign is used by ssh(1) to access the local host keys and generate the digital signature required during host-based authentication with
SSH protocol version 2.
ssh-keysign is disabled by default and can only be enabled in the global client configuration file /etc/ssh/ssh_config by setting
EnableSSHKeysign to ``yes''.
ssh-keysign is not intended to be invoked by the user, but from ssh(1). See ssh(1) and sshd(8) for more information about host-based authen-
tication.
FILES
/etc/ssh/ssh_config
Controls whether ssh-keysign is enabled.
/etc/ssh/ssh_host_dsa_key
/etc/ssh/ssh_host_ecdsa_key
/etc/ssh/ssh_host_rsa_key
These files contain the private parts of the host keys used to generate the digital signature. They should be owned by root, read-
able only by root, and not accessible to others. Since they are readable only by root, ssh-keysign must be set-uid root if host-
based authentication is used.
/etc/ssh/ssh_host_dsa_key-cert.pub
/etc/ssh/ssh_host_ecdsa_key-cert.pub
/etc/ssh/ssh_host_rsa_key-cert.pub
If these files exist they are assumed to contain public certificate information corresponding with the private keys above.
SEE ALSO
ssh(1), ssh-keygen(1), ssh_config(5), sshd(8)
HISTORY
ssh-keysign first appeared in OpenBSD 3.2.
AUTHORS
Markus Friedl <markus@openbsd.org>
BSD
August 31, 2010 BSD