ssh keys - no password prompt from AIX to RPA


 
Thread Tools Search this Thread
Operating Systems AIX ssh keys - no password prompt from AIX to RPA
# 1  
Old 12-12-2011
ssh keys - no password prompt from AIX to RPA

hello,

i am running an AIX 5.3 machine and i want to connect via ssh to the RPA Management site without prompting for password.
i already had a public key of this server as i use the same thing for ssh connection with other AIX machines.
i connected to the RPA Management Site and i run the following command:
Code:
add_ssh_key  name='username'  key='xxxxxx' 


the key that i use is the following: /.ssh/id_rsa.pub
the RPA version is 3.4 SP2

the problem is that i still get the password prompt when i try to connect via ssh to the RPA Management site. i dont know what else i have to do. i search around but i cannot find anything else.

is there anybody who knows more about this issue?

Thank you
# 2  
Old 12-12-2011
The sshd is very fussy about permissions on dirs and files .ssh* and down.

The general thing for password free access is that the client machine ~/.ssh/id*.pub (one line) needs to be in the server machine ~/.ssh/authorized_keys file.

I read that the keys need to be generated with no password, as well, else you get prompted for that (which is more secure than simple password, I guess).
# 3  
Old 12-12-2011
Quote:
Originally Posted by DGPickett
I read that the keys need to be generated with no password, as well, else you get prompted for that (which is more secure than simple password, I guess).
I think the idea for that is keys with passwords can be held by ssh-agent... enter the password once, use the key many times.
# 4  
Old 12-13-2011
yes you are right about the
Code:
ssh-keygen

command.
i already used this command from my AIX machines because as i said before i already use ssh connection to other AIX machines without prompting for password.
the problem is that i cannot use the command
Code:
ssh-keygen

for the RPA.
i read the the procedure to have an ssh connection without prompting for password between an AIX machine and RPA is just running one command.
the
Code:
add_ssh_key

command that i wrote before is a command running from the RPA server. also when i run the command
Code:
get_ssh_keys

i can see that the ssh key that i tried to saved before is already saved to the RPA.
# 5  
Old 12-14-2011
You said '/.ssh/id_rsa.pub', so I guess it is 'root' your are trying to connect as, password-free? There might be additional sshd switches to allow that.
# 6  
Old 12-15-2011
actually you are right this file is for root user whereas i wanted to make a password-free connection for other user, not root.
but still, i created before a while a public key for the user that i want to have this connection and i add it to the RPA but still prompting for password.
# 7  
Old 12-15-2011
Use -v on ssh to see if there are any hints as the login is deflected.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

Help with password 'maintenance' or maybe I just need to generate ssh keys?

Hi gurus, I am NOT the SA of the servers so very limited on what I can do. Basically the scenario is like this: Every 6 months our password expires and we have to reset them to comply to some password rules. Thing is users, me included, tend to have plaintext copy of this difficult to... (2 Replies)
Discussion started by: newbie_01
2 Replies

2. Linux

Linux password aging and ssh keys

Recently I have been playing with password ageing and the usage of ssh keys. I have found that if usePAM yes (default) is set in the /etc/ssh/sshd_config file then any password ageing and inactiivity can adversely affect a client with ssh keys. For example: Set PASS_MAX_DAYS to 60 in... (5 Replies)
Discussion started by: smurphy_it
5 Replies

3. Red Hat

Sudo Password Prompt over SSH

I am not sure what I am missing here. I have the following identical entry in /etc/sudoers on multiple Red Hat 6.4 servers. icinga ALL=NOPASSWD:/usr/bin/yum --security --exclude\="kernel*" check-update On one server when I enter the command over SSH as follows it works fine. ssh -t -q... (1 Reply)
Discussion started by: scotbuff
1 Replies

4. SuSE

SLES 11.2 slow SSH password prompt

We are having an issue with slow password prompts via SSH login on all of our SLES 11.2 boxes. The output from a ssh -v login attempt shows a delay here: debug1: SSH2_MSG_SERVICE_ACCEPT receivedThis issue only happens on the first logon of the day; subsequent logons are normal. Adding the client's... (8 Replies)
Discussion started by: j_aix
8 Replies

5. UNIX for Dummies Questions & Answers

[SSH-RSA] Still prompting for password after generating keys

Hello, I'm trying to perform these operations without entering any password, as user "fzd":fzd@machine1> scp /tmp/srcFile1 fzd@machine2:/tmp/$destFile fzd@machine1> scp fzd@machine2:/tmp/$srcFile /tmp/$destFilebut alsofzd@machine1> scp /tmp/srcFile1 machine2:/tmp/$destFile fzd@machine1> scp... (6 Replies)
Discussion started by: fzd
6 Replies

6. UNIX for Dummies Questions & Answers

SSH Keys Authentication keeps asking for password

Hi! Im trying to set access from ServerA(SunOS) to ServerB(Some custom Linux with Keyboard Interactive login) with SSH Keys. As a proof of concept I was able to do it between 2 virtual machines. Now in my real life scenario it isnt working. I created the keys in ServerA, copied them to... (7 Replies)
Discussion started by: RedSpyder
7 Replies

7. Programming

Test SSH but do not return password prompt

Hello forum, I want to have a function to test for passwordless SSH setup. Pretty simple. However, what I'm finding difficult is to NOT return a password prompt to screen IF it's not in place. Here's the function: check_passwordless_ssh_working() #check passed parameter, assuming it is... (4 Replies)
Discussion started by: doonan_79
4 Replies

8. Solaris

expired password prompt at ssh login

Hi, I am using DSEE 6.3 to authenticate and authorize my Solaris 9 and 10 users. Everything works fine except password expiration. I use built-in global password policy for all users. The policy works well. However I could not find the right pam configuration in order to prompt users at ssh... (2 Replies)
Discussion started by: niyazi
2 Replies

9. UNIX for Dummies Questions & Answers

SSH version of rlogin (ie without password prompt)

I have 3 Solaris 10 UNIX servers, the shadow and passwd file are all identical and are automatically sync every 5 minutes. A majority of the users do not have CLI access but rather use a menu. I currently have menu options that allows them to rlogin to another server and I need to have the... (1 Reply)
Discussion started by: creedonjm
1 Replies

10. Red Hat

SSH Prompts for Password After Keys Setup Successfully

I setup the keys between 2 servers, but my user account has no password specified for it (never set one up on the account for security reasons). When I try to SSH to the server, SSH prompts for a password that doesn't exist (so I can never connect successfully). Note: 'passwd -d Rynok' removes... (3 Replies)
Discussion started by: Rynok
3 Replies
Login or Register to Ask a Question