Visit Our UNIX and Linux User Community


SSH password login issue

 
Thread Tools Search this Thread
Homework and Emergencies Emergency UNIX and Linux Support SSH password login issue
# 1  
Old 12-23-2011
SSH password login issue

Hi All,

I am facing issue in setting up passwordless login through ssh on two Solaris-10 boxes. user-id ravrwa from server tsapiq04-zrwdq01 should be able to login to server tsbrit03 as cpsuserq, which is not happening. I am not sure where is the problem, while keys are already all set. Here is the example -
HTML Code:
(root):/raven/apps/raven_users/ravrwa> id
uid=23286(ravrwa) gid=2201(raven)
(root):/raven/apps/raven_users/ravrwa> pwd
/raven/apps/raven_users/ravrwa
(root):/raven/apps/raven_users/ravrwa> ls -l .ssh
total 17
-rw-------   1 ravrwa   raven        883 Dec 10 18:34 id_rsa
-rw-------   1 ravrwa   raven        887 Jun 16  2011 id_rsa.old
-rw-r--r--   1 ravrwa   raven        233 Dec 10 18:34 id_rsa.pub
-rw-r--r--   1 ravrwa   raven        233 Dec 10 18:34 id_rsa.pub.11222011
-rw-r--r--   1 ravrwa   raven        233 Jun 16  2011 id_rsa.pub.old
-rw-r--r--   1 ravrwa   raven       1648 Dec 10 18:37 known_hosts
(root):/raven/apps/raven_users/ravrwa> cat .ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAvn/x8G/2+4Jc5r5fMwirptHhzpZAeWevv63rLFn8CqSdm6rWeRfik/eQGj7+1xw0dWEHCZj5/uPxoBzcWe8Xe5Qnx4SZVahwYeszg05p+vo3315UV7dzAv22mif7hKKfTrY3E/SMA1lCBtZYnet3468WCLdc0W/5JkjfKLxOFtM= ravrwa@tsapiq04-zrwdq01
(root):/raven/apps/raven_users/ravrwa> ssh cpsuserq@tsbrit03
 
Password:
If I check pub keys on destination server (tsbrit03), those are already there exactly -
HTML Code:
$ id
uid=56330(cpsuserq) gid=25030(cpsgrp_q)
$ pwd
/Hyperion/WERQ/raven
$ ls -l .ssh/authorized_keys
-rw-------   1 cpsuserq cpsgrp_q     233 Dec 22 16:46 .ssh/authorized_keys
$ cat .ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAvn/x8G/2+4Jc5r5fMwirptHhzpZAeWevv63rLFn8CqSdm6rWeRfik/eQGj7+1xw0dWEHCZj5/uPxoBzcWe8Xe5Qnx4SZVahwYeszg05p+vo3315UV7dzAv22mif7hKKfTrY3E/SMA1lCBtZYnet3468WCLdc0W/5JkjfKLxOFtM= ravrwa@tsapiq04-zrwdq01
$
Can anybody help, where could be the issue ?

Regards
# 2  
Old 12-23-2011
Post output of
Code:
ls -ld /raven/apps/raven_users/ravrwa/.ssh

# 3  
Old 12-23-2011
First two things that come to my mind:

1. on the local server, check that the homedir of user ravrwa is actually the path /raven/apps/raven_users/ravrwa; if this is not the case, then use the switch -i /raven/apps/raven_users/ravrwa/.ssh/id_rsa to the ssh command.
Perform the same check on the remote host for user cpsuserq (the homedir should be /Hyperion/WERQ/raven).


2. on the remote server, check that key-based authentication is explicitly enabled in sshd configuration file (it should be the entry "PubkeyAuthentication" in /etc/ssh/sshd_config).

see ya
fra
# 4  
Old 12-23-2011
bartus11, here is the file from source -
PHP Code:
(root):/raven/apps/raven_users/ravrwals -ld /raven/apps/raven_users/ravrwa/.ssh
drwx
------   2 ravrwa   raven          8 Dec 22 16:43 /raven/apps/raven_users/ravrwa/.ssh 
frappa, home directories seem to be correct, but i do not see PubkeyAuthentication in ssh file
PHP Code:
Source Server -
(
root):/raven/apps/raven_users/ravrwacat /etc/passwd grep ravrwa
ravrwa
:x:23286:2201:Redwood User:/raven/apps/raven_users/ravrwa:/usr/bin/ksh

Destination server 
-
cat /etc/passwd grep cpsuserq
cpsuserq
:x:56330:25030:CPS User-Hyperian:/Hyperion/WERQ/raven:/usr/bin/ksh

cat /etc/ssh/sshd_config grep -i authentication grep -"#"
PasswordAuthentication yes
PAMAuthenticationViaKBDInt yes
RhostsAuthentication no
RhostsRSAAuthentication no
RSAAuthentication yes 
# 5  
Old 12-23-2011
i see,
on the other hand key-based auth should be enabled by default (you may perform a double check on solaris with man sshd_config) ...

may you please post the output of the ssh key-based session you are trying to start with the -vvv switch (full debugging messages)?

see ya
fra
# 6  
Old 12-23-2011
It was a big output, so I have attached it output as a textfile named as "ssh_passwordless_login_issue.txt". Please check.
# 7  
Old 12-23-2011
ok,

may you now please post the output of the ssh session with the following command?

Code:
ssh -vvv -i /raven/apps/raven_users/ravrwa/.ssh/id_rsa cpsuserq@tsbrit03

and let's see what happens when you explicitly set the id_rsa private key.

Previous Thread | Next Thread
Test Your Knowledge in Computers #242
Difficulty: Easy
In September 1984 work was completed on restructuring the ARPANET giving U.S. military sites their own Military Network (MILNET) for unclassified defense department communications.
True or False?

10 More Discussions You Might Find Interesting

1. Red Hat

Need to login without password using ssh

I am using redhat 6.4 and i want to login ssh without password kindly guide me (2 Replies)
Discussion started by: kannansoft1985
2 Replies

2. Cybersecurity

Password less SSH login to different server

Hi, It is continuation with my other thread, The issue i found is U1 does not set properly for password less ssh. for setting up password less ssh i followed the following steps 1. ssh-keygen 2. ssh-copy-id -i ~/.ssh/id_rsa.pub hostname 3. /usr/bin/ssh -t -t U1@hostname sample.sh ... (3 Replies)
Discussion started by: sakthi.99it
3 Replies

3. Cybersecurity

Ssh password less login with different ID

Hi, I have setup password less ssh connection between Server A and Server B and I am able to connect with User2. But my requirement is, User 1 run a script in Server A to ssh into Server B as User 2 but it is asking password every time I execute. Server A: Login as User 1 and execute sh... (8 Replies)
Discussion started by: sakthi.99it
8 Replies

4. SuSE

SSH issue - can't get password less login to work

Hello, I can't seem to get the password less login to work on one of my SLES 11 servers. My ssh agent lets me login to all my other servers, which are Solaris 10, RHEL 5, and SLES 11 servers. Some servers mount my home directory and others don't. The server that I'm having an issue with doesn't... (7 Replies)
Discussion started by: bitlord
7 Replies

5. Cybersecurity

SSH password-less login issue between linux and solaris

Hello Gurus, I am trying to set up bidirectional password-less login between a linux and a Solaris. The way I am doing is very simple, which is creating pub/priv key pairs on each host and add the pub key to each other's authorized_keys file: ssh-keygen -t rsa (I tried dsa, and it didn't work... (4 Replies)
Discussion started by: error_lee
4 Replies

6. Solaris

Problem with ssh login without password

Hello friends, I have the problem with password less login in solaris 10. Issue : In solaris 10 I have 2 different users on is oracle and the other is archmon. when I try to ssh to the other server from oracle it is successful but when I try to ssh from archmon it fails, and it asks for the... (1 Reply)
Discussion started by: Pavankrv
1 Replies

7. Shell Programming and Scripting

rlogin / ssh login with password

Hello, I need to find a way to connect from server1 to 30 other servers using a single line command in order to run various command from the other 30 servers. I am looking for a single line connection command in which i can provide the server name user name and password and connect to the... (2 Replies)
Discussion started by: LiorAmitai
2 Replies

8. Shell Programming and Scripting

SSH Login by passing password.

ssh/sftp login by passing password , is it possible.Don't want to expect. (1 Reply)
Discussion started by: dinjo_jo
1 Replies

9. Solaris

SSH Password-less login fails on password expiry.

Hi Gurus I have a few Sol 5.9 servers and i have enabled password less authentication between them for my user ID. Often i have found that when my password has expired,the login fails. Resetting my password reenables the keys. Do i need to do something to avoid this scenario or is this... (2 Replies)
Discussion started by: Renjesh
2 Replies

10. HP-UX

login ssh without password

There is two server, server A and server B. In server A, I would like to login ssh to server B without typing password. (no need for ssh2) Therefore, I do the followings: Server A: >cd ~ >mkdir .ssh >ssh-keygen -t dsa -f .ssh/id_dsa Then copy the file id_dsa.pub to Server B Server B:... (2 Replies)
Discussion started by: alfredo
2 Replies

Featured Tech Videos