Ssh-keygen problems


 
Thread Tools Search this Thread
Top Forums UNIX for Beginners Questions & Answers Ssh-keygen problems
# 1  
Old 03-26-2019
Ssh-keygen problems

For some reason, when I try copying my public key to the server, despite it showing as being successful:


Code:
rob@linux044:~$ ssh-copy-id -i /home/rob/Work/Keys/keys.txt.pub !@#$%.com
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/rob/Work/Keys/keys.txt.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
Password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '!@#$%.com'"
and check to make sure that only the key(s) you wanted were added.

when I log in and check the two keys I can see clearly they are two different keys. Any idea's what I might be doing incorrectly here?


EDIT: The command I used to copy the key:
Code:
ssh-copy-id -i /home/rob/Work/Keys/keys.txt.pub !@#$%.com

# 2  
Old 03-26-2019
Have you checked to insure that the permissions are set up correctly?

Is it possible an issue related to file permissions is not allowing overwriting the older key?
# 3  
Old 03-27-2019
Well here is something interesting, maybe. I ran ls -l ~/.ssh and there seems to be a few files contained therein: authorized_keys, id_rsa, id_rsa.pub and known_hosts. it would seem my key is being added to the 'authorized_keys' list but why I wonder is there a file called id_rsa.pub and how do I know which one the host is using. I am still having to enter my password when I ssh onto the network, shouldn't the presence of my public key on that network allow me to log on without a password check?


Also, the authorized_keys file has keys from my other computer and it also has two private keys stored in it?

Last edited by RudiC; 03-27-2019 at 11:53 AM..
# 4  
Old 03-27-2019
Hi,

authorized_keys does not contain private keys. It only contains public keys. The private key should not leave the source system.

---

You can check what's really going on by increasing the debug level. If there's the wrong key deposited with ssh-copy-id there definitely went something wrong.

Try again with:

Code:
ssh-copy-id -o LogLevel=DEBUG1 ....

You can increase LogLevel further to DEBUG2 or DEBUG3 for more intense debugging. So you will definitely see what is going on and what file is used, or maybe rejected. If that's still not enough you may use strace, to trace the systemcalls for opening and reading of ssh-copy-id. But I think that won't be necessary.

id_rsa and id_rsa.pub are the default key files when a keypair is generated. These are the key files which are used if nothing is specified.
This User Gave Thanks to stomp For This Post:
# 5  
Old 03-27-2019
On the remote side: .ssh directory permissions should be 700.

Also on the remote side: $HOME directory also needs to prohibit writing to any file in your remote home tree - 755 or less.. 750, 700.

Your public key text ( from xxxxxxx.pub ) should exist as one of the keys in the file $HOME/.ssh/authorized_keys on the remote box
# 6  
Old 03-27-2019
Quote:
I am still having to enter my password when I ssh onto the network, shouldn't the presence of my public key on that network allow me to log on without a password check?
When the target-servers target-users $HOME/.ssh/authorized_keys does not contain your key (from /home/rob/Work/Keys/keys.txt.pub), it's absolutely clear why key-based auth does not work:

Because your key hadn't been copied or you login with a key that's not permitted.

----

Another Question:

When your public key is /home/rob/Work/Keys/keys.txt.pub. Where's your private key then? Since this is not a standard location you have to configure the Key for the connection to your server.

For example in $HOME/.ssh/config

Code:
Host YOUR-SERVER-ALIAS
  Hostname FQDN-HOSTNAME-OR-IP-ADDRESS
  User TARGET-SYSTEM-USER-NAME
  IdentityFile PRIVATE-KEY-FULL-PATH

# Example
Host webserver
  Hostname 192.168.10.2
  User root
  IdentityFile /home/rob/Work/Keys/private-key.txt

Login to your server then via this command:

Code:
ssh webserver

Furthermore $HOME/.ssh is a good place to deposit private keys, because it's very restricted by default. And an ssh private key should be protected well from any unauthorized access if possible. And as everybody else says here: Check the permissions! ;-)

Last edited by stomp; 03-28-2019 at 09:39 AM..
This User Gave Thanks to stomp For This Post:
# 7  
Old 03-28-2019
So I ran a:
Code:
cat ~/.ssh/known_hosts

and there is a rather large text block in that file, why? Is text added here whenever I ssh into a machine? To be clear, I should be storing my key pair's here within the .ssh directory as: id_rsa and id_rsa.pub, is that correct?
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

ssh keygen in unix server

I have a central unix server and more than 200 unix server to connect from central server .For this to take place i want to use ssh keygen between & among servers .Do anybody has an idea how to automate this process . The server has same user id and same password (0 Replies)
Discussion started by: gauravsinha
0 Replies

2. AIX

ssh-keygen issue on AIX

Hi , I am trying to create public key on my AIX server on other than home directory.However the command does not ask for Enter file in which to save the key : It is directly taking me to Enter the passphrase. I don't want to save the key in home dir as that is the home dir for other userID... (6 Replies)
Discussion started by: saurau
6 Replies

3. Shell Programming and Scripting

sftp ssh-keygen

sftp username@host <<EOF lcd /home/dirA cd /home/dirB mput *.txt exit EOF Hi, i have done the keygen-ssh settings but rite now I log through putty I enter my credentials and then when i successfully log in, then I issue the command ssh server name then I again enter into the server but... (1 Reply)
Discussion started by: rahulsxn660
1 Replies

4. UNIX for Dummies Questions & Answers

ssh-keygen error

Hi, I using ssh-keygen for passwordless authenciation firstly and I am following these steps mentioned below... 1) Login to pngpcdb1 using your user/pass 2) type 'bash' (without quotes) 3) ssh-keygen #generates private and public key. 4) copy this private key to the location of your sftp... (1 Reply)
Discussion started by: karan2597
1 Replies

5. UNIX for Dummies Questions & Answers

keygen-ssh

Hi, I was going thruough the password less authentication of keygen-ssh that will help us in generating keys...One thing that is not clear to me that if in nearby future we conncet to remote ftp server in that case now we need to only provide the user id itself that is password would not be... (1 Reply)
Discussion started by: rahul125
1 Replies

6. UNIX for Dummies Questions & Answers

ssh-keygen

Hi, I am new to unix, recently i was exploring password less remote connection to the ftp server and in that I was exploring the ssh-keygen utility, that it generates private & public keys that helps in transmitting files in encrypted format.Could you please explain me in detail about the... (1 Reply)
Discussion started by: rahul125
1 Replies

7. Shell Programming and Scripting

Query regarding ssh keygen

Hi, I have two Unix servers A and B. I have a script in server A. I want to connect to server B from A using ssh only and without giving passwords everytime i connect. I went through other posts regarding this and I generated a public key in server A and copied that in server B. Now when I... (3 Replies)
Discussion started by: mick_000
3 Replies

8. UNIX for Advanced & Expert Users

ssh-keygen stops working

Hey guys, I was using ssh-keygen settings for a long time to login on remote machines without password. 2 days back it suddenly stops working, i tried by reset all ssh-keygen setting but it not works. what could be the reason of this issue and how can i resolve this? (2 Replies)
Discussion started by: RohitKJ
2 Replies

9. UNIX for Advanced & Expert Users

ssh-keygen configuration problem

I am unable to set password less entry from one server to another even after i have generated public key and have put in the authorized_keys of the target server. When i try to debug the ssh using ssh -v, it gives me debug1: Authentications that can continue:... (14 Replies)
Discussion started by: brandedfundoo
14 Replies

10. Shell Programming and Scripting

SSH-Keygen script

Hello friends, I wanna to make new script which work as i defined below (1) it connect (using ssh) to remote server (2) remote server having passphrase key with password (3) Generate new passphrase on local machine with random 8 character password. (4) It will atomatically uploaded to... (4 Replies)
Discussion started by: jagnikam
4 Replies
Login or Register to Ask a Question