Visit Our UNIX and Linux User Community


passwordless login issue with ssh keys


 
Thread Tools Search this Thread
Operating Systems Solaris passwordless login issue with ssh keys
# 1  
Old 12-12-2010
Data passwordless login issue with ssh keys

Hi GUYS,

Me have 2 servers, eg:: A & B
id_dsa.pub key of B had been put in authorized_keys of A & Vice versa

Passwordless login going from A to B.

But while connecting from B to A ,its asking password


Any one please help me out..
# 2  
Old 12-12-2010
try ssh-copy-id username@host, it should ask for your password, login, set up for you, then you should be able to ssh in passwordlessly.

If that doesn't work we need more details, what OSes are involved and such, ls -l ~/.ssh/, ls -ld ~/.ssh/, maybe one server has an old version of ssh requiring rsa keys.. ssh -vv username@host may give more useful error messages...

Last edited by Corona688; 12-12-2010 at 03:22 AM..
# 3  
Old 12-12-2010
make sure the permission of the authorized_keys file is set to 700.
# 4  
Old 12-13-2010
Quote:
Originally Posted by tamitot
make sure the permission of the authorized_keys file is set to 700.
Ditto for $HOME/.ssh


HTH
# 5  
Old 12-14-2010
Data still problem..

file permissions are correct as u guys suggested..

platform :: Solaris.

and i had tried ssh -vv username@hostname(B)...below i am sending debug result::

Code:
-bash-3.00$ ssh -vv [username]@[host A]

Sun_SSH_1.1.3, SSH protocols 1.5/2.0, OpenSSL 0x0090704f
debug1: Reading configuration data /export/home/sysops/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to [host A] [10.xxx.x.xx] port 22.
debug1: Connection established.
debug1: identity file /export/home/sysops/.ssh/identity type -1
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug2: key_type_from_name: unknown key type '-----END'
debug1: identity file /export/home/sysops/.ssh/id_rsa type 1
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug2: key_type_from_name: unknown key type '-----END'
debug1: identity file /export/home/sysops/.ssh/id_dsa type 2
debug1: Remote protocol version 2.0, remote software version Sun_SSH_1.1.1
debug1: match: Sun_SSH_1.1.1 pat Sun_SSH_1.1.1*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-Sun_SSH_1.1.3
debug1: use_engine is 'yes'
debug1: pkcs11 engine initialized, now setting it as default for RSA, DSA, and symmetric ciphers
debug1: pkcs11 engine initialization complete
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes128-cbc,arcfour,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc
debug2: kex_parse_kexinit: aes128-ctr,aes128-cbc,arcfour,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: i-default
debug2: kex_parse_kexinit: i-default
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug1: Failed to acquire GSS-API credentials for any mechanisms (No credentials were supplied, or the credentials were unavailable or inaccessible
Unknown code 0
)
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes128-cbc,arcfour,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc
debug2: kex_parse_kexinit: aes128-ctr,aes128-cbc,arcfour,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: i-default
debug2: kex_parse_kexinit: i-default
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes128-cbc,arcfour,3des-cbc,blowfish-cbc
debug2: kex_parse_kexinit: aes128-ctr,aes128-cbc,arcfour,3des-cbc,blowfish-cbc
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: i-default
debug2: kex_parse_kexinit: i-default
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: Peer sent proposed langtags, ctos: i-default
debug1: Peer sent proposed langtags, stoc: i-default
debug1: We proposed langtags, ctos: i-default
debug1: We proposed langtags, stoc: i-default
debug1: Negotiated lang: i-default
debug2: Server is expected to use UTF-8 locale
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: Remote: Negotiated main locale: C
debug1: Remote: Negotiated messages locale: C
debug1: dh_gen_key: priv key bits set: 127/256
debug1: bits set: 1561/3191
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'A' is known and matches the RSA host key.
debug1: Found key in /export/home/sysops/.ssh/known_hosts:20
debug1: bits set: 1564/3191
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug1: newkeys: mode 1
debug1: set_newkeys: setting new keys for 'out' mode
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: set_newkeys: setting new keys for 'in' mode
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug2: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic,publickey,password,keyboard-interactive
debug1: Next authentication method: gssapi-keyex
debug2: we did not send a packet, disable method
debug1: Next authentication method: gssapi-with-mic
debug1: Failed to acquire GSS-API credentials for any mechanisms (No credentials were supplied, or the credentials were unavailable or inaccessible
Unknown code 0
)
debug2: we did not send a packet, disable method
debug1: Next authentication method: publickey
debug1: Trying private key: /export/home/sysops/.ssh/identity
debug1: Trying public key: /export/home/sysops/.ssh/id_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic,publickey,password,keyboard-interactive
debug1: Trying public key: /export/home/sysops/.ssh/id_dsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic,publickey,password,keyboard-interactive
debug2: we did not send a packet, disable method
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 1
Password:

Please help me out ...

Last edited by Scott; 12-14-2010 at 03:55 PM.. Reason: Please use code tags
# 6  
Old 12-14-2010
Quote:
debug1: Trying public key: /export/home/sysops/.ssh/id_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic,publickey,password,keyboard-interactive
debug1: Trying public key: /export/home/sysops/.ssh/id_dsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic,publickey,password,keyboard-interactive
debug2: we did not send a packet, disable method
debug1: Next authentication method: keyboard-interactive
kindly double check if you have copied the right public key, from server B, to the authorized_key file in server A. obviously, the key was rejected thus you were prompted for the password. might be wise to just scp the public key to server A than copy and paste it, incase you have done it.

HTH
# 7  
Old 12-15-2010
Question

i tried that also..but of no use...

other thing is ,in server A i tried ssh 0 after removing authorized_key,

then too it going passwordless ....

Previous Thread | Next Thread
Test Your Knowledge in Computers #277
Difficulty: Easy
Solaris is a version of UNIX System V Release 4 (SVR4), jointly developed by Sun and AT&T, and was licensed by Sun from DEC to replace SunOS.
True or False?

9 More Discussions You Might Find Interesting

1. Red Hat

SSH login issue

Dear All , recently i have configured sftp for a user for which i have done chroot. but after this , sftp is working fine . but ssh is not working when we connect to the server. When we try to ssh <user>@<server ip> , the below is the error message that we get and not able to login. ... (2 Replies)
Discussion started by: jegaraman
2 Replies

2. Shell Programming and Scripting

Expect script ssh passwordless login

how can i use an expect script to do a passwordless ssh login and run a script on a bunch of remote hosts? I do not want to use public key authentication as this would require me to setup the keys on the clients etc.... (2 Replies)
Discussion started by: tdubb123
2 Replies

3. Solaris

[solved] Ssh passwordless login not working

This is Solaris 10 and sorce+destination are non root user. Somehow it is broke and I am not able to fix it. Already checked permissions on both servers and authorized_keys entry of destination is same as id_rsa.pub of source server. I can not regenerate keys on source server because I do not know,... (0 Replies)
Discussion started by: solaris_1977
0 Replies

4. UNIX for Advanced & Expert Users

Intermitent issue with passwordless login

Hi, I have two users login on my HPUX i.e user1 and user2. Inorder to switch from user1 to user2 without password I generated key pair using keygen command for user id user1 and copied the its public key to the .ssh/authorized_keys file of user2. ssh-keygen -b 2048 -t rsa This... (5 Replies)
Discussion started by: mohtashims
5 Replies

5. Emergency UNIX and Linux Support

SSH password login issue

Hi All, I am facing issue in setting up passwordless login through ssh on two Solaris-10 boxes. user-id ravrwa from server tsapiq04-zrwdq01 should be able to login to server tsbrit03 as cpsuserq, which is not happening. I am not sure where is the problem, while keys are already all set. Here is... (14 Replies)
Discussion started by: solaris_1977
14 Replies

6. Shell Programming and Scripting

issue while auto login using .ssh for HPUX

Hi, While trying to supress password prompt using ssh. I have added .ssh folder manually and generated public key and added to authorized_keys file in the remote machine. But still it's prompting for passwords with the following message: Permission denied... (5 Replies)
Discussion started by: 116@434
5 Replies

7. HP-UX

Unable To Perform A "Passwordless" SSH Login To A Server

Greetings! I am trying to perform a passwordless SSH login from a HPUX 11.31 client to a HPUX 11.31 server. Whenever I do a "ssh -l root serverA" from the client, I am prompted for a password. Giving the password, I am able to successfully login. However I am trying to accomplish a... (9 Replies)
Discussion started by: Rob Sandifer
9 Replies

8. Solaris

ssh login issue after patching

Hi Everybody, Recently i applied patch cluster dated (2009.11.03) for solaris 10 sparc machine(Generic_138888-06) I successfully applied and rebooted the machine , no errors received. But after patching it was not allowing me to login through ssh while telnet was working fine.Logs showed me ... (11 Replies)
Discussion started by: laxmikant
11 Replies

9. UNIX for Advanced & Expert Users

failed ssh login with keys

Hi all, i have generated a pair of keys so that i can login via SSH without entering my password. I am using putty to login. After putting the public key on the server,then logging through putty, i get the message "Server refused our key" on screen. At the same time, /var/log/secure is... (3 Replies)
Discussion started by: new2ss
3 Replies

Featured Tech Videos