- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: sftp without password
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-03-2010 04:49 AM
тАО02-03-2010 04:49 AM
Re: sftp without password
Logged out again, but no success.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-03-2010 05:37 AM
тАО02-03-2010 05:37 AM
Re: sftp without password
> debug1: Found key in /home/XXXXX/.ssh/known_hosts:49
> debug2: bits set: 500/1024
> debug1: ssh_rsa_verify: signature correct
Stop worrying about "known_hosts".
> debug1: Trying private key: /home/XXXXX/.ssh/identity
> debug3: no such identity: /home/XXXXX/.ssh/identity
I'd probably do:
ln -s id_rsa /home/XXXXX/.ssh/identity
> debug1: Offering public key: /home/XXXXX/.ssh/id_rsa
but it seems to try the thing eventually.
> debug2: we sent a publickey packet, wait for reply
> debug1: Authentications that can continue: publickey,password,keyboard-interactive
> debug1: Trying private key: /home/XXXXX/.ssh/id_dsa
Apparently the server did not like that key.
Have you looked at the system log file(s) on
the HP-UX (server) system?
> On HPUX:
> rsa-keygen -t RSA
>
> Copied the ~/.ssh/id_rsa.pub to Linux box
> and renamed to ~.ssh/authorized_keys
> OpenSSH_5.1p1 Debian-5ubuntu1, OpenSSL 0.9.8g 19 Oct 2007
But you seem to be running ssh on the Linux
system. Don't you want the public key file
on the _server_ system, and the private key
on the _client_? Or do _I_ have everything
backward?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-03-2010 05:57 AM
тАО02-03-2010 05:57 AM
Re: sftp without password
My goal is to sftp from my Linux box (or from another UX-server later) to the HP-UX server.
>I'd probably do:
>
> ln -s id_rsa /home/XXXXX/.ssh/identity
I have not copied the id_rsa file from the server, only id_rsa.pub.
>Have you looked at the system log file(s) on
the HP-UX (server) system?
Probably found something there:
Authentication refused: bad ownership or modes for directory ...............
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-03-2010 06:06 AM
тАО02-03-2010 06:06 AM
Re: sftp without password
It's easy to do.
> Authentication refused: bad ownership or modes for directory ...............
Looks like a problem.
> I have not copied the id_rsa file from the
> server, only id_rsa.pub.
However, my (dim) understanding of public-key
authorization is that one keeps his private
key private, that is, on the client, and he
sends his public key to the (remote) server.
With symmetric keys and clever software, it's
possible to use the keys in reverse, which
seems (to me) to be what you're doing. (Key
pairs normally being created on the client,
so that the private key stays private.)
But, as I said, _I_ could be the one who's
doing everything backward. (But I suspect
that it's you.)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-03-2010 06:39 AM
тАО02-03-2010 06:39 AM
Re: sftp without password
If you wish to connect _from_ Linux _to_ HPUX, you must create the key on the Linux host and copy the public key to ~/.ssh/authorized_keys on the HPUX host.
With your current configuration, a passwordless connection is allowed _from_ the HPUX host _to_ the Linux host, not vice versa.
MK
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-03-2010 06:59 AM
тАО02-03-2010 06:59 AM
Re: sftp without password
Perhaps not. Note the messages:
> debug1: Trying private key: /home/XXXXX/.ssh/identity
> debug3: no such identity: /home/XXXXX/.ssh/identity
> debug1: Offering public key: /home/XXXXX/.ssh/id_rsa
I know nothing, but I suspect that if the
client can't find a private key, but can find
a public key, then it'll try the public key
(and hope that the corresponding private key
is at the other end).
As usual, with sufficiently clever software,
(and, here, symmetric keys) many things are
possible. Personally, I tend to configure
the stuff right-side-up, so I haven't tested
the backward-key hypothesis. (And I'm too
lazy to read enough to see if it's supposed
to work that way.)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-04-2010 10:20 PM
тАО02-04-2010 10:20 PM
Re: sftp without password
Turning it the right side around, and generating the key on the Linux side was of course necessary. But after that still had to remove group permissions on the users home directory on the HP-UX side.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-05-2010 06:39 AM
тАО02-05-2010 06:39 AM
Re: sftp without password
> was of course necessary [...]
Not really, so long as the right files are
put into the right places.
> [...] had to remove group permissions [...]
group:write should be the trouble maker. I'd
expect group:read,execute to be harmless.
- « Previous
-
- 1
- 2
- Next »