Login or Register to Ask a Question and Join Our Community


Solaris

Password connection-less

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Solaris Password connection-less
# 1  
Old 02-10-2015
Password connection-less
Hi all!

I need help in reconfiguring password connection-less on 3 servers.

I had this feature on 3 servers, working fine for servers A, B and C, but for some unknown reason, and after a reboot was performed, from server B to server A is asking me for password, the same applies from server C to server A.
I try to setup again by generating a public key again, but if If I choose to overwrite already existing file, it might damage the already connection between servers A and B and A and C.
Please can someone help
# 2  
Old 02-10-2015
For server A to accept connections from servers B & C, it needs to have the public keys for the connecting accounts from those two servers in the authorized_keys file owned by the user account on Server A that you are connecting to.

I don't know a reason that a re-boot would affect this. I'm assuming that you are using sshor sftp etc. Can you complete the process manually, and did it ask you to verify the remote host fingerprint again? That would indicate that the server keys have been regenerated. i suppose that this could happen on a boot if the server had the flag set for a first-time boot when the keys would be generated.

The authorized_keys file also needs to be RW only to the owner, so perhaps this has been undone.

What version on Solaris are you using?




Robin
# 3  
Old 02-10-2015
Hi

Thanks for the response, Yes I am using
Code:
ssh

, its
Code:
solaris 10

, and earlier when I try to generate a key from server B to A:

Code:
 ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/nikira_data01/.ssh/id_rsa):
/nikira_data01/.ssh/id_rsa already exists.
Overwrite (yes/no)? no

# 4  
Old 02-10-2015
I would respond no

If you are trying to connect to UserA on ServerA, sign on manually and look in the home directory. There should be a directory call .ssh and within there, the file authorized_keys should exist. Do you have that?

The records in this file are made up from the public keys of users that you want to allow to connect. What do you have? This file should be public keys only, so you can happily paste the whole file without compromising your security, but please wrap it in [CODE]& [/CODE] tags to make it clear.

You should find a record that matches the public key for your user on ServerB. Perhaps send the public key as id_rsa.pub-from-ServerB from the user on ServerB to the user on serverA and use grep -f id_rsa.pub-from-ServerB authorized keys to see if you have a matching record.

Hopefully we will be able to work out what's wrong and correct it rather than rebuild everything.


Robin
# 5  
Old 02-10-2015
Hi

from server A to server B, the connection-less is working fine, but from server B to server A, is asking for password.
On server A i found is subdir
Code:
.ssh

:

Code:
 ls -lrt
total 16
-rw-------   1 nikira   sys          672 Aug  2  2012 id_dsa
-rw-r--r--   1 nikira   sys          608 Aug  2  2012 id_dsa.pub
-rw-------   1 nikira   sys          883 Aug  2  2012 id_rsa
-rw-r--r--   1 nikira   sys          228 Aug  2  2012 id_rsa.pub
-rw-------   1 nikira   sys          834 Aug  2  2012 authorized_keys
-rw-r--r--   1 nikira   sys         2385 May 28  2013 known_hosts
[nikira@nikira-app1 .ssh]$ more authorized_keys
ssh-dss AAAAB3NzaC1kc3MAAACBAKdhkvWHHOe1NC6+5gVCO2tOYUiLumqLo6JemiPFSAoszFvWzwZmhvI2iqIypdTnShZgOr3Hhw5kyKpMal7IjFI8xbhhYIwKNKApcqnBHsnveoJO/9T0UzBVRYJI6HOs7d5z3WraW9/x
YQbB/vkr6T5hV42PK8VO3FStOKMLlUy9AAAAFQDR3exBTJqAPCDoh8j0XvU8JV+utQAAAIAU1iun3lwTDjJXGMOeTM1BpBvabQCSja7sAMXbxF5KBSo+Q9li9XTNxTR3kEjk4fwa0O8QGnCe9MCFslFzaWqzxxycf8MWQKpB
HvqWCpDb+aA6k40E82ESjo2xcwon4dhaWn1wZUGhggg3eZ4c6aExD+EBNEbi+ACKLcekI84eIgAAAIAq3Dy+weU9U4kPPtiHoutM7nlUEeeriJKZQO8AGBVzvqmFlmgm5uD9ZgQxY3YtNPQRTSxyYK4/4mOtH2us0cuGb+ky
jBVakkGO1gktE1ilXzLQpJBS+XwI3f+qDl48e1B08ksluvaluSgb74JJO9oPbSiQJ+4WsoL7e+XhWt8/WQ== nikira@nikira-db
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAwpsUXm7Va18hiwzOBAlfwHU2xdREoBUUqm6fI7iAgt2PRgXa/xMmS9jpURS/hGNwmptk002uglnqGp0sMWcj8RptJBcDP+U6nQb3KqfIY5E15q8Y3S77aX3qdZEgUAFsOyKr
fttlwgz8HGRasCEYpKB2pVyD2+sBTarLCxX+IqM= nikira@nikira-app2

and on server B on the subdir
Code:
.ssh

I found:

Code:
 ls -lrt
total 16
-rw-------   1 nikira   sys          668 Aug  2  2012 id_dsa
-rw-r--r--   1 nikira   sys          606 Aug  2  2012 id_dsa.pub
-rw-------   1 nikira   sys          887 Aug  2  2012 id_rsa
-rw-r--r--   1 nikira   sys          228 Aug  2  2012 id_rsa.pub
-rw-------   1 nikira   sys          606 Aug  2  2012 authorized_keys_bkp
-rw-------   1 nikira   sys          834 Aug  2  2012 authorized_keys
-rw-r--r--   1 nikira   sys         1769 Oct  2  2013 known_hosts
[nikira@nikira-app2 .ssh]$ file authorized_keys
authorized_keys:        ascii text
[nikira@nikira-app2 .ssh]$ more authorized_keys
ssh-dss AAAAB3NzaC1kc3MAAACBAKdhkvWHHOe1NC6+5gVCO2tOYUiLumqLo6JemiPFSAoszFvWzwZmhvI2iqIypdTnShZgOr3Hhw5kyKpMal7IjFI8xbhhYIwKNKApcqnBHsnveoJO/9T0UzBVRYJI6HOs7d5z3WraW9/x
YQbB/vkr6T5hV42PK8VO3FStOKMLlUy9AAAAFQDR3exBTJqAPCDoh8j0XvU8JV+utQAAAIAU1iun3lwTDjJXGMOeTM1BpBvabQCSja7sAMXbxF5KBSo+Q9li9XTNxTR3kEjk4fwa0O8QGnCe9MCFslFzaWqzxxycf8MWQKpB
HvqWCpDb+aA6k40E82ESjo2xcwon4dhaWn1wZUGhggg3eZ4c6aExD+EBNEbi+ACKLcekI84eIgAAAIAq3Dy+weU9U4kPPtiHoutM7nlUEeeriJKZQO8AGBVzvqmFlmgm5uD9ZgQxY3YtNPQRTSxyYK4/4mOtH2us0cuGb+ky
jBVakkGO1gktE1ilXzLQpJBS+XwI3f+qDl48e1B08ksluvaluSgb74JJO9oPbSiQJ+4WsoL7e+XhWt8/WQ== nikira@nikira-db
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAoVGzahyKzfOUbuMQ1w4XodHe3eFv0Q2pwRLZEI1g77E67ogFUn+FaDPXqX6jTQlQYIoSyQ3MeLEQN6kxAPLKDZyBQDMTIyORr6ZJaWSgbjON9h+4zdclhlFZelOxiu7wnX/0
QoiaUNLDDiNR7wMLuC4+P7s2IzzGSYeFFAkSsBU= nikira@nikira-app1

So not quite sure what could be wrong!!
# 6  
Old 02-10-2015
Assuming that you are on ServerB as user nikira and connecting to ServerA as nikira too, can you share the content of id_rsa.pub?

Does it match the content of ServerA file authorized_keys?



Robin
# 7  
Old 02-10-2015
the contents of
Code:
id_rsa.pub

on server B are:
Code:
 more id_dsa.pub
ssh-dss AAAAB3NzaC1kc3MAAACBAKdhkvWHHOe1NC6+5gVCO2tOYUiLumqLo6JemiPFSAoszFvWzwZmhvI2iqIypdTnShZgOr3Hhw5kyKpMal7IjFI8xbhhYIwKNKApcqnBHsnveoJO/9T0UzBVRYJI6HOs7d5z3WraW9/x
YQbB/vkr6T5hV42PK8VO3FStOKMLlUy9AAAAFQDR3exBTJqAPCDoh8j0XvU8JV+utQAAAIAU1iun3lwTDjJXGMOeTM1BpBvabQCSja7sAMXbxF5KBSo+Q9li9XTNxTR3kEjk4fwa0O8QGnCe9MCFslFzaWqzxxycf8MWQKpB
HvqWCpDb+aA6k40E82ESjo2xcwon4dhaWn1wZUGhggg3eZ4c6aExD+EBNEbi+ACKLcekI84eIgAAAIAq3Dy+weU9U4kPPtiHoutM7nlUEeeriJKZQO8AGBVzvqmFlmgm5uD9ZgQxY3YtNPQRTSxyYK4/4mOtH2us0cuGb+ky
jBVakkGO1gktE1ilXzLQpJBS+XwI3f+qDl48e1B08ksluvaluSgb74JJO9oPbSiQJ+4WsoL7e+XhWt8/WQ== nikira@nikira-db

contents of
Code:
authorized_keys

on server B:

Code:
 more authorized_keys
ssh-dss AAAAB3NzaC1kc3MAAACBAKdhkvWHHOe1NC6+5gVCO2tOYUiLumqLo6JemiPFSAoszFvWzwZmhvI2iqIypdTnShZgOr3Hhw5kyKpMal7IjFI8xbhhYIwKNKApcqnBHsnveoJO/9T0UzBVRYJI6HOs7d5z3WraW9/x
YQbB/vkr6T5hV42PK8VO3FStOKMLlUy9AAAAFQDR3exBTJqAPCDoh8j0XvU8JV+utQAAAIAU1iun3lwTDjJXGMOeTM1BpBvabQCSja7sAMXbxF5KBSo+Q9li9XTNxTR3kEjk4fwa0O8QGnCe9MCFslFzaWqzxxycf8MWQKpB
HvqWCpDb+aA6k40E82ESjo2xcwon4dhaWn1wZUGhggg3eZ4c6aExD+EBNEbi+ACKLcekI84eIgAAAIAq3Dy+weU9U4kPPtiHoutM7nlUEeeriJKZQO8AGBVzvqmFlmgm5uD9ZgQxY3YtNPQRTSxyYK4/4mOtH2us0cuGb+ky
jBVakkGO1gktE1ilXzLQpJBS+XwI3f+qDl48e1B08ksluvaluSgb74JJO9oPbSiQJ+4WsoL7e+XhWt8/WQ== nikira@nikira-db
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAoVGzahyKzfOUbuMQ1w4XodHe3eFv0Q2pwRLZEI1g77E67ogFUn+FaDPXqX6jTQlQYIoSyQ3MeLEQN6kxAPLKDZyBQDMTIyORr6ZJaWSgbjON9h+4zdclhlFZelOxiu7wnX/0
QoiaUNLDDiNR7wMLuC4+P7s2IzzGSYeFFAkSsBU= nikira@nikira-app1

the contents of
Code:
id_rsa.pub

of server A are:

Code:
 more id_dsa.pub
ssh-dss AAAAB3NzaC1kc3MAAACBANyyRov3poQc1RO+0C8u8pTW5m7PL3GpIYaCnpoVoln4t2V1wR56TYBwf64JQD0KnOs/dHtFx+ImgLLN/wVmUXVQ/B8PCDbnFi/BHqOSItOXw+bwOXkgnZvaKXi9LuDumHqcPrXrQJW2
1+toNoOrBfMPdGuftb1JXPD8iEaErIk7AAAAFQDfzN+vJ+OAcBaVvFxxK7Uy6/rAoQAAAIEAw0vD5EY8LoqOoTrzTfdC/9ljDz3RaTXE8zps4G+OdrZUBCDEXsnKAq/ESyCyQGucnGrFa9qcLjRdp8uWWPaxLNlB0QjUrSNB
TY3qI0tU/MZgz8MpbU/s2JGLMhr5ohPttO8z7fWJVaoVD1F7tiUThSzg1YxZghRUDMW9+lMK3e8AAACBAKlzZZ5npZp5itbOPRMVFgm65RdN+Y8hy09izQOUyLY/SoTsmEKaxub7xo/+FBEnSKUhkoFynpWP0zduQ4eRpGin
3RL/sz+hPK6PeUlAmNoM3elI0+9mJ0YJU4hiksus3W7oPebnO4QQ8ympWyv22jMoAwFRiJ3sczdeDGabI7Kv nikira@nikira-app1

contents of
Code:
authorized_keys

on server A are:
Code:
 more authorized_keys
ssh-dss AAAAB3NzaC1kc3MAAACBAKdhkvWHHOe1NC6+5gVCO2tOYUiLumqLo6JemiPFSAoszFvWzwZmhvI2iqIypdTnShZgOr3Hhw5kyKpMal7IjFI8xbhhYIwKNKApcqnBHsnveoJO/9T0UzBVRYJI6HOs7d5z3WraW9/x
YQbB/vkr6T5hV42PK8VO3FStOKMLlUy9AAAAFQDR3exBTJqAPCDoh8j0XvU8JV+utQAAAIAU1iun3lwTDjJXGMOeTM1BpBvabQCSja7sAMXbxF5KBSo+Q9li9XTNxTR3kEjk4fwa0O8QGnCe9MCFslFzaWqzxxycf8MWQKpB
HvqWCpDb+aA6k40E82ESjo2xcwon4dhaWn1wZUGhggg3eZ4c6aExD+EBNEbi+ACKLcekI84eIgAAAIAq3Dy+weU9U4kPPtiHoutM7nlUEeeriJKZQO8AGBVzvqmFlmgm5uD9ZgQxY3YtNPQRTSxyYK4/4mOtH2us0cuGb+ky
jBVakkGO1gktE1ilXzLQpJBS+XwI3f+qDl48e1B08ksluvaluSgb74JJO9oPbSiQJ+4WsoL7e+XhWt8/WQ== nikira@nikira-db
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAwpsUXm7Va18hiwzOBAlfwHU2xdREoBUUqm6fI7iAgt2PRgXa/xMmS9jpURS/hGNwmptk002uglnqGp0sMWcj8RptJBcDP+U6nQb3KqfIY5E15q8Y3S77aX3qdZEgUAFsOyKr
fttlwgz8HGRasCEYpKB2pVyD2+sBTarLCxX+IqM= nikira@nikira-app2

in the file
Code:
id_rsa.pub

of server B, the last line mention server C which is
Code:
nikira-db

, but on server A, the last line shows
Code:
nikira-app1

, which is server A
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Forum Support Area for Unregistered Users & Account Problems

Password sent via reset password email is 'weak' and won't allow me to change my password

I was unable to login and so used the "Forgotten Password' process. I was sent a NEWLY-PROVIDED password and a link through which my password could be changed. The NEWLY-PROVIDED password allowed me to login. Following the provided link I attempted to update my password to one of my own... (1 Reply)
Discussion started by: Rich Marton
1 Replies

2. Shell Programming and Scripting

Sftp connection with password

I am running this script to copy pattern files in local but it is asking for password even passing the hardcode value Script:- PASSWORD="xyz" sftp -oport=1002 user@host:/dir/archive/file*.txt /di/data/ << EOF $PASSWORD quit EOF Got error :- -bash-4.1$ sh sftp_with_password.sh... (5 Replies)
Discussion started by: himanshupant
5 Replies

3. UNIX for Advanced & Expert Users

How keep running a program n an another computer via a connection ssh when the connection is closed?

Hi everybody, I am running a program on a supercomputer via my personal computer through a ssh connection. My program take more than a day to run, so when I left work with my PC I stop the connection with the supercomputer and the program stop. I am wondering if someone know how I can manage... (2 Replies)
Discussion started by: TomTomGre
2 Replies

4. UNIX for Dummies Questions & Answers

For SFTP connection - How to give password in UNIX Script (ksh)

Hi, I am not able to give the password in Unix script for SFTP connection. When I am trying to manully SFTP command for accessing the server , it asking for pwd and I could provide the pwd but I am not getting how to provide the pwd inside the Unix script. sftp -v user@xyz.com. ... (4 Replies)
Discussion started by: Vineeta Nigam
4 Replies

5. Shell Programming and Scripting

Passing password in script for ssh connection - no except

Used the script posted on forum - unix.com/shell-programming-scripting/21597-script-change-passwords-same-user-multiple-servers.html but the last question posted on this seems to be still unanswered, tried different things with no success, can someone help giving an way to pass the password via... (5 Replies)
Discussion started by: sapadmin
5 Replies

6. Solaris

Solaris 10 ftp connection problem (connection refused, connection timed out)

Hi everyone, I am hoping anyone of you could help me in this weird problem we have in 1 of our Solaris 10 servers. Lately, we have been having some ftp problems in this server. Though it can ping any server within the network, it seems that it can only ftp to a select few. For most servers, the... (4 Replies)
Discussion started by: labdakos
4 Replies

7. UNIX for Dummies Questions & Answers

Command to delay password entry - putty connection manager

Hi all, putty connection manager is great but when attempting to sudo or ssh to another box via the post login commands it is subject to issues due to network latency (what happens is that pcm enters the password before the unix box is ready to receive it). Is there any clever way I can make... (1 Reply)
Discussion started by: skinnygav
1 Replies

8. Shell Programming and Scripting

Password less connection(sftp/ssh)

Dear All, I'm trying to configure a passwordless connection between two servers of HP-UX. i have srearched the configuration in google so many times and as per the guidence i have done all the steps, but still its not working and every time it is asking for password while trying to scp some file... (2 Replies)
Discussion started by: panknil
2 Replies

9. Cybersecurity

ssh connection without password

The subject has been outlined in many articles, yet I can not establish a password-less ssh connection. Below I show what I did and then I include ssh debug info, maybe someone would be able to point out something I am not doing right. My setup: two SCO 5.0.7 boxes on a private lan, user... (6 Replies)
Discussion started by: migurus
6 Replies

10. Solaris

I want to hard code username and password for an FTP connection

Hi all i want to do FTP via running a shell script and i want to hard code username and password for that particular server.. by writing it in a file can u help me in this regard.. Thank u Naree (2 Replies)
Discussion started by: naree
2 Replies
Login or Register to Ask a Question