HPE Community
Operating System - HP-UX
1753599 Members
6863 Online
108796 Solutions
New Discussion

Can not SSH from one HPUX machine to another

 
Darren Etheridge_2
Super Advisor

‎05-04-2012 11:27 AM

‎05-04-2012 11:27 AM

Can not SSH from one HPUX machine to another

I can't seem to get rsync or ssh between 2 hp machines to work.

I have 2 HPUX machines, one running 11.23 and one runing 11.31.   I have followed the below instructons:

 

host server:

 

[HAL:/]ssh-keygen -t rsa
Generating public/private rsa key pair.
Please be patient....   Key generation may take a few minutes
Enter file in which to save the key (//.ssh/id_rsa):
Created directory '//.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in //.ssh/id_rsa.
Your public key has been saved in //.ssh/id_rsa.pub.

 

[HAL:/.ssh]cat /.ssh/id_rsa.pub >> /.ssh/authorized_keys

 

[HAL:/.ssh]rcp id_rsa.pub tal:/.ssh

 

remote-server:

[TAL:/.ssh]cat id_rsa.pub >> /.ssh/authorized_keys

 

 

But when I try to ssh to HAL it asks for password.

 

ANy ideas.... I'm at a loss :(


 

0 Kudos
Reply
1 REPLY 1
Matti_Kurkela
Honored Contributor

‎05-04-2012 12:53 PM

‎05-04-2012 12:53 PM

Re: Can not SSH from one HPUX machine to another

You created the key pair on HAL, but copied only the public part to TAL. Adding the public part to authorized_keys on both hosts means you can now SSH from HAL to itself or from HAL to TAL, but when trying to SSH from TAL to HAL, the ssh client won't have the private key available and must fall back to password authentication.

 

Think of it this way: the "id_rsa" (without the .pub suffix) file is like a key, and the "id_rsa.pub" file is like a lock cylinder into which the key fits. You'll need to keep the private key secure, but you can give out copies of the lock cylinder to anyone: "if you want me to be able to get through some door, add this lock cylinder to the lock of that door."

 

The simplest way to complete your setup would be to copy the id_rsa file from HAL to TAL, i.e.:

[HAL:/.ssh]scp -p id_rsa tal:/.ssh

Note: the private key file needs to have chmod 600 protection on it, otherwise the ssh client thinks it might be compromised and will complain and/or not use the key until you fix it. Hence the "-p" option (preserve permissions).

MK
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.