Login or Register to Ask a Question and Join Our Community


UNIX for Dummies Questions & Answers

Can't get SSH to work without password

 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers Can't get SSH to work without password
# 1  
Old 11-26-2008
Can't get SSH to work without password
Need some help on this!! I've been trying to get SSH to work without having to enter a password. I've found numerous articles on this and have tried the instructions, but am still getting prompted for a password. One thing to mention is that I'm using different IDs on the two servers.

Here's what I've done so far:

ssh-keygen -t rsa -f id_rsa (to gen the keys)

cat id_rsa.pub|ssh dsadm@dw005 'cat >> .ssh/authorized_keys' (to copy public key to target server)

ssh dw005 -n -l dsadm /export/home/dsadm/test_ssh (this will prompt for password)

Below is the debugging info when using "-v"

dev-edw:/home/instgd/.ssh# ssh dw005 -v -n -l dsadm /export/home/dsadm/test_ssh
OpenSSH_4.1p1, OpenSSL 0.9.7d 17 Mar 2004
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Failed dlopen: /usr/krb5/lib/libkrb5.a(libkrb5.a.so): 0509-022 Cannot load module /usr/krb5/lib/libkrb5.a(libkrb5.a.so).
0509-026 System error: A file or directory in the path name does not exist.

debug1: Error loading Kerberos, disabling Kerberos auth.
debug1: Connecting to dw005 [172.29.30.12] port 22.
debug1: Connection established.
debug1: identity file /home/instgd/.ssh/identity type -1
debug1: identity file /home/instgd/.ssh/id_rsa type 1
debug1: identity file /home/instgd/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_4.3
debug1: match: OpenSSH_4.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'dw005' is known and matches the RSA host key.
debug1: Found key in /home/instgd/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /home/instgd/.ssh/identity
debug1: Offering public key: /home/instgd/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Trying private key: /home/instgd/.ssh/id_dsa
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: password
dsadm@dw005's password:
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: Sending command: /export/home/dsadm/test_ssh
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: channel 0: free: client-session, nchannels 1
debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 0.2 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0
debug1: Exit status 0
# 2  
Old 11-26-2008
Code:
1. Suppose the domain name of your server is server, and your login name loginname. 

2. On the client, generate a public and private key. 
ssh-keygen -C loginname@server -t dsa

When asked for a password, simply press return. 

The private key is stored in ~/.ssh/id_dsa, and the public key in ~/.ssh/id_dsa.pub. 

Never give the private key away!

3. Copy the public file to the server with 
scp ~/.ssh/id_dsa.pub loginname@server:~/

4. Login on the server with 
ssh loginname@server

append the copied file to ~/.ssh/authorized_keys with

cat ~/id_dsa.pub >>~/.ssh/authorized_keys

5. If you want to enable this features on other servers, just repeat step 3 on each of the servers. 

That’s it! If you have done everything correctly, the next time you login via SSH or use CVS over SSH, 
you will not need to enter a password yet you have a secure connenction.

# 3  
Old 11-26-2008
ikon - thanks for the info, but that's what I already did ...

any thoughts on whether going from one id to another is causing a problem??

i.e. using the "-l username" option on the ssh command
 
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. Red Hat

SSH password less setup asking for password

Hello Experts, when I am trying to connect my target server through sftp after creating ssh password less setup, it is asking for passowrd to connect. to setup this I followed below process: -->generated keys by executing the command "ssh-keygen -t rsa" -->this created my .ssh directory... (9 Replies)
Discussion started by: Devipriya Ch
9 Replies

2. SuSE

SSH issue - can't get password less login to work

Hello, I can't seem to get the password less login to work on one of my SLES 11 servers. My ssh agent lets me login to all my other servers, which are Solaris 10, RHEL 5, and SLES 11 servers. Some servers mount my home directory and others don't. The server that I'm having an issue with doesn't... (7 Replies)
Discussion started by: bitlord
7 Replies

3. AIX

2nd SSH doesn't work with AD

Recently I decided to intall second daemon of SSH for Winbind users. I mean I have configuration AIX + Samba + AD and I can login to the server via SSH with AD accounts to 22 port without any problems. But now I have second installation of OpenSSH and don't understand why I can't do the same... (6 Replies)
Discussion started by: jess_t03
6 Replies

4. Shell Programming and Scripting

SSH shell script does not work

Hello I have a Zabbix Server were Linux kernel version 2.6.26-2-amd64 is running. now my Question how can i make a script that does: - connect with ssh to a device - get the systeminfo (but only the interfaces, mac adresses, serialnumber and Software version) - write the output in a file ... (18 Replies)
Discussion started by: Fraggy
18 Replies

5. Red Hat

whiptail --password : How does it work?

I have a question regarding "whiptail utility" in Linux. I have the following whiptail command within a script: #!/bin/sh whiptail --passwordbox " Password " 10 40 I would like to know Where does it store the password when the script is run? Does it go to any particular file? How... (1 Reply)
Discussion started by: Vabiosis
1 Replies

6. Solaris

SSH Password-less login fails on password expiry.

Hi Gurus I have a few Sol 5.9 servers and i have enabled password less authentication between them for my user ID. Often i have found that when my password has expired,the login fails. Resetting my password reenables the keys. Do i need to do something to avoid this scenario or is this... (2 Replies)
Discussion started by: Renjesh
2 Replies

7. Forum Support Area for Unregistered Users & Account Problems

password does not work

I get this ######### as password but it does not work please help Amani (1 Reply)
Discussion started by: register
1 Replies

8. UNIX for Dummies Questions & Answers

SSH-KEYGEN doesn't work

Hi, Am running the following commands on our server to generate a key for passwordless SSH, however we are getting 100% blank key files. E.g. when looking id_dsa.pub or id_dsa they are 100% empty - the files get created, but contain no content and have a file size of 0b. mkdir ~/.ssh... (3 Replies)
Discussion started by: gjp
3 Replies

9. Shell Programming and Scripting

ssh, cd to a dir, and and then do some work.

I want to do something like #!/bin/bash ssh name@computer 'cd /my/dir' and then continue working in this directory. Right now if I execute a script "myscript" containing the above, it just drops me back into the bash shell where I started, whereas I want to be able to do work and stuff on... (1 Reply)
Discussion started by: tphyahoo
1 Replies
Login or Register to Ask a Question