Public private key setup issue in Solaris 10


 
Thread Tools Search this Thread
Operating Systems Solaris Public private key setup issue in Solaris 10
# 1  
Old 02-12-2013
Public private key setup issue in Solaris 10

Hi i am using solaris 10.I am trying to setup a public/private key but it is not working.Appreciate your repsonse on it

There are two servers DB1 server and DB2 server.
Code:
 
1)I have generated public/private key using below step on both servers.
ssh-keygen -t rsa
2)From DB1 server moved the public key to the DB2 server and appended to the authorized_keys and changed permission as below.
scp ~/.ssh/id_rsa.pub mzty3f@DB2@:/tmp/id_rsa.pub.DB1
cat /tmp/id_rsa.pub.DB2 >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
3)Same step repeated on DB2 server,moved the public key to the DB2 server and appended to the authorized_keys and changed 
scp ~/.ssh/id_rsa.pub mzty3f@DB1:/tmp/id_rsa.pub.DB2
cat /tmp/id_rsa.pub.DB1 >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
4) when i do ssh still it is prompting for password.I have done this setup using root.please help me on this error


Last edited by muraliinfy04; 02-12-2013 at 07:48 AM..
# 2  
Old 02-12-2013
Turn on the verbose/debug mode of ssh using the -v option and post the output.
# 3  
Old 02-12-2013
Thanks for the reply.Please find the requested output.let me know anything else is needed.
Code:
 
dcwipphvom001 # ssh -v
Sun_SSH_1.1.4, SSH protocols 1.5/2.0, OpenSSL 0x0090704f
You have to specify host.
Usage: ssh [options] host [command]
Options:
  -l user     Log in using this user name.
  -n          Redirect input from /dev/null.
  -F config   Config file (default: ~/.ssh/config).
  -A          Enable authentication agent forwarding.
  -a          Disable authentication agent forwarding (default).
  -X          Enable X11 connection forwarding.
  -x          Disable X11 connection forwarding (default).
  -i file     Identity for public key authentication (default: ~/.ssh/identity)
  -t          Tty; allocate a tty even if command is given.
  -T          Do not allocate a tty.
  -v          Verbose; display verbose debugging messages.
              Multiple -v increases verbosity.
  -V          Display version number only.
  -q          Quiet; don't display any warning messages.
  -f          Fork into background after authentication.
  -e char     Set escape character; ``none'' = disable (default: ~).
  -c cipher   Select encryption algorithm
  -m macs     Specify MAC algorithms for protocol version 2.
  -p port     Connect to this port.  Server must be on the same port.
  -L listen-port:host:port   Forward local port to remote address
  -R listen-port:host:port   Forward remote port to local address
              These cause ssh to listen for connections on a port, and
              forward them to the other side by connecting to host:port.
  -D port     Enable dynamic application-level port forwarding.
  -C          Enable compression.
  -N          Do not execute a shell or command.
  -g          Allow remote hosts to connect to forwarded ports.
  -1          Force protocol version 1.
  -2          Force protocol version 2.
  -4          Use IPv4 only.
  -6          Use IPv6 only.
  -o 'option' Process the option as if it was read from a configuration file.
  -s          Invoke command (mandatory) as SSH2 subsystem.
  -b addr     Local IP address.

# 4  
Old 02-12-2013
While connecting and not by itself!
Code:
ssh -v username@host

# 5  
Old 02-12-2013
dcwipphvom001 # ssh -v root@148.93.1.222
Code:
 
Sun_SSH_1.1.4, SSH protocols 1.5/2.0, OpenSSL 0x0090704f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to 148.93.1.222 [148.93.1.222] port 22.
debug1: Connection established.
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type 1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: Logging to host: 148.93.1.222
debug1: Local user: root Remote user: root
debug1: Remote protocol version 2.0, remote software version Sun_SSH_1.1.4
debug1: match: Sun_SSH_1.1.4 pat Sun_SSH_1.1.*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-Sun_SSH_1.1.4
debug1: use_engine is 'yes'
debug1: pkcs11 engine initialized, now setting it as default for RSA, DSA, and symmetric ciphers
debug1: pkcs11 engine initialization complete
debug1: Failed to acquire GSS-API credentials for any mechanisms (No credentials were supplied, or the credentials were unavailable or inaccessible
Unknown code 0
)
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: Peer sent proposed langtags, ctos: i-default
debug1: Peer sent proposed langtags, stoc: i-default
debug1: We proposed langtags, ctos: i-default
debug1: We proposed langtags, stoc: i-default
debug1: Negotiated lang: i-default
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: Remote: Negotiated main locale: C
debug1: Remote: Negotiated messages locale: C
debug1: dh_gen_key: priv key bits set: 147/256
debug1: bits set: 1581/3191
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '148.93.1.222' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:3
debug1: bits set: 1567/3191
debug1: ssh_rsa_verify: signature correct
debug1: newkeys: mode 1
debug1: set_newkeys: setting new keys for 'out' mode
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: set_newkeys: setting new keys for 'in' mode
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: got SSH2_MSG_SERVICE_ACCEPT
Subject to applicable law, anyone using the Network expressly consents to:
1)  having his/her network activity monitored and recorded; and,
2)  using the Network only in accordance with the terms of the applicable
     Acceptable Use Practices (www.NetworkAUP.com < Acceptable Use Practices (AUPs) > ).
Your work product created, transmitted or stored on GM networks or systems,
including your name or other personally identifiable information, may be shared
with other GM entities, suppliers and third parties around the globe when required for
business or legal purposes.
BE ADVISED, that improper usage of the network and/or computing systems and
equipment may result in disciplinary action, up to and including termination of employment.
If possible criminal activity is detected, system records may be provided
to law enforcement officials
debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic,publickey,password,keyboard-interactive
debug1: Next authentication method: gssapi-keyex
debug1: Next authentication method: gssapi-with-mic
debug1: Failed to acquire GSS-API credentials for any mechanisms (No credentials were supplied, or the credentials were unavailable or inaccessible
Unknown code 0
)
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug1: Trying public key: /root/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 149 lastkey 6eed8 hint 1
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic,publickey,password,keyboard-interactive
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Next authentication method: keyboard-interactive
Password:

# 6  
Old 02-13-2013
Did you enabled root login in /etc/ssh/sshd_config?
There should be:
Code:
PermitRootLogin yes

This User Gave Thanks to GP81 For This Post:
# 7  
Old 02-13-2013
Hi thanks for the response.it worked.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Ssh public/private key user login problem

I have a user account configuration with ssh public/private key that works on multiple servers centos and rhel. One server (Server F) that is not working in centos 6.8. When i ssh into server f I get prompted for a password. I have verified the config and it all is good. I put sshd into debug... (8 Replies)
Discussion started by: bash_in_my_head
8 Replies

2. UNIX for Advanced & Expert Users

Private and public key encryption

Hi, we have private and public key, encrypt file using public and want to decrypt using private key. can you please advise below commands are correct or other remedy if unix have? encrypt -a arcfour -k publickey.asc -i TESTFILE.csv -o TESTFILE00.csv decrypt -a arcfour -k privatekey.asc... (2 Replies)
Discussion started by: rizwan.shaukat
2 Replies

3. Shell Programming and Scripting

Rsa public private key matching

Hi All, I have a requirement where i need to check if an rsa public key corresponds to a private key and hence return success or failure. Currently i am using the command diff <( ssh-keygen -y -e -f "$PRIVKEY" ) <( ssh-keygen -y -e -f "$PUBLICKEY" ) and its solving my purpose. This is in... (1 Reply)
Discussion started by: mritusmoi
1 Replies

4. UNIX for Dummies Questions & Answers

Public and Private Key generation for scp

Hi, What tool is used to generate public and private keys for SCP? Do you have an example script that generates these keys, puts them in files and then another example script that references them from SCP? Thanks, (9 Replies)
Discussion started by: Astrocloud
9 Replies

5. UNIX for Dummies Questions & Answers

how to create a public/private key using ssh-keygen

Hi, please guide me create a public/private key using ssh-keygen, lets say I have been access to server named pngpcdb1with a userid and password ...!!! and also please explain in detail the concept of these keys and ssh as I was planning to use them in ftp related scripts..! Thanks in... (1 Reply)
Discussion started by: rahul125
1 Replies

6. Solaris

Solaris 8 ssh public key authentication issue - Server refused our key

Hi, I've used the following way to set ssh public key authentication and it is working fine on Solaris 10, RedHat Linux and SuSE Linux servers without any problem. But I got error 'Server refused our key' on Solaris 8 system. Solaris 8 uses SSH2 too. Why? Please help. Thanks. ... (1 Reply)
Discussion started by: aixlover
1 Replies

7. Shell Programming and Scripting

how to ssh to remote unix machines using private/public key

hello, iam able to ssh to a linux server from a linux server called "machine1" using the private/public key method, so I dont need to enter any password when I run my script but iam not able to ssh from machine1 to a UNIX server, access is denied. note that I am using an application id which is... (6 Replies)
Discussion started by: wydadi
6 Replies

8. Shell Programming and Scripting

SFTP in a shell script without public/private key

Hi everybody, I need some help on writing a script that is able to remote copy file to one server. I already created this types of scripts, and works ok as long as this server I want to copy from is access through telnet. Here is how I do it: ftp -n xxx.xxx.xxx.xxx << _EOF_ user user_name... (6 Replies)
Discussion started by: Alexis Duarte
6 Replies

9. UNIX for Dummies Questions & Answers

SSL Public key/Private question

Hi everyone, I have a quick/newb question: I know that a public key is used to encrypt data and a private key is used to decrypt data but who keeps the public/private keys?? Does the Web Server hold both? Does the Web Server have the public key and does the client have the private key? ... (3 Replies)
Discussion started by: tical00
3 Replies

10. Windows & DOS: Issues & Discussions

Public/Private Key SSH from UNIX to Windows (Cygwin)

Hello all, I have a bit of trouble working a passwordless SSH from UNIX to Cygwin running windows 2k3. Here are some details. I AM able to SSH from the Windows box to the UNIX box using the keys. Also, I'm able to SSH from UNIX to Windows w/o the keys. However, when I try to do it with the keys... (9 Replies)
Discussion started by: kclerks11
9 Replies
Login or Register to Ask a Question