HPE Community
Operating System - HP-UX
1752701 Members
6320 Online
108789 Solutions
New Discussion юеВ

How I can sftp to localhost without password on hp-ux 11.23 ?

 
SOLVED
Go to solution
wuttipong
New Member

тАО09-01-2010 12:48 AM

тАО09-01-2010 12:48 AM

How I can sftp to localhost without password on hp-ux 11.23 ?

Hi,
I'm having problem from sftp to localhost my develop server.


#ssh -vvv abaper@sesapdv1
OpenSSH_4.5p1+sftpfilecontrol-v1.1-hpn12v14, OpenSSL 0.9.7l 28 Sep 2006
HP-UX Secure Shell-A.04.50.021, HP-UX Secure Shell version
debug1: Reading configuration data /opt/ssh/etc/ssh_config
debug3: RNG is ready, skipping seeding
debug2: ssh_connect: needpriv 0
debug1: Connecting to sesapdv1 [10.151.26.77] port 22.
debug1: Connection established.
debug3: Not a RSA1 key file /usr/sap/DV1/DVEBMGS00/work/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /usr/sap/DV1/DVEBMGS00/work/.ssh/id_rsa type 1
debug3: Not a RSA1 key file /usr/sap/DV1/DVEBMGS00/work/.ssh/id_dsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /usr/sap/DV1/DVEBMGS00/work/.ssh/id_dsa type 2
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.5p1+sftpfilecontrol-v1.1-hpn12v14
debug1: match: OpenSSH_4.5p1+sftpfilecontrol-v1.1-hpn12v14 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.5p1+sftpfilecontrol-v1.1-hpn12v14
debug2: fd 4 setting O_NONBLOCK
debug3: RNG is ready, skipping seeding
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 134/256
debug2: bits set: 509/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: filename /usr/sap/DV1/DVEBMGS00/work/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug3: check_host_in_hostfile: filename /usr/sap/DV1/DVEBMGS00/work/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 2
debug1: Host 'sesapdv1' is known and matches the RSA host key.
debug1: Found key in /usr/sap/DV1/DVEBMGS00/work/.ssh/known_hosts:1
debug2: bits set: 517/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /usr/sap/DV1/DVEBMGS00/work/.ssh/id_rsa (4004eee0)
debug2: key: /usr/sap/DV1/DVEBMGS00/work/.ssh/id_dsa (400366b0)
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug3: start over, passed a different list publickey,password,keyboard-interactive
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /usr/sap/DV1/DVEBMGS00/work/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Offering public key: /usr/sap/DV1/DVEBMGS00/work/.ssh/id_dsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 1
Password:

PS:I genereted the keys with user abaper and put the public in authrized_keys.

Any hints are highly appreciated.

Wuttipong.
0 Kudos
5 REPLIES 5
Steven Schweda
Honored Contributor

тАО09-01-2010 06:28 AM

тАО09-01-2010 06:28 AM

Solution

Re: How I can sftp to localhost without password on hp-ux 11.23 ?

> [...] hp-ux 11.23 [...]

Actual output from "uname -a" would tell us
more.

Why ask an HP-UX question in a Tru64 forum?

http://forums.itrc.hp.com/service/forums/familyhome.do?familyId=117

> OpenSSH_4.5p1+sftpfilecontrol-v1.1-hpn12v14, OpenSSL 0.9.7l 28 Sep 2006
> HP-UX Secure Shell-A.04.50.021, HP-UX Secure Shell version

Not very close to the latest version, is it?

> I'm having problem from sftp to localhost
> my develop server.

Is that one system or two systems?

> debug3: Not a RSA1 key file /usr/sap/DV1/DVEBMGS00/work/.ssh/id_rsa.
> debug2: key_type_from_name: unknown key type '-----BEGIN'
> debug3: key_read: missing keytype
> debug3: key_read: missing whitespace
> [...]

Where did you get this key file? Is it an
OpenSSH-format key file? (Apparently not.)

> PS:I genereted the keys with user abaper
> and put the public in authrized_keys.

Generated them how? Where? Did what with
them?

As usual, showing actual commands with their
actual output can be more helpful than vague
descriptions and interpretations.

Also, a Forum search for keywords like, say,
ssh password
or:
ssh passwordless
should find dozens of old threads on this
topic. You might look at them.
0 Kudos
Jim Walls
Trusted Contributor

тАО09-01-2010 05:22 PM

тАО09-01-2010 05:22 PM

Re: How I can sftp to localhost without password on hp-ux 11.23 ?

The key you are using appears to be corrupt!

You should generate the key-pair using ssh-keygen.

Refer to the man page for more details.

Also; make sure user's .ssh directory has permissions of 700 at most, the authorized_keys has 600, and that the user's home directory does not have group-write permissions.

Check the syslog for sshd messages if you have further problems.
0 Kudos
Chandrahasa s
Valued Contributor

тАО09-01-2010 07:56 PM

тАО09-01-2010 07:56 PM

Re: How I can sftp to localhost without password on hp-ux 11.23 ?

Hi,

Go through attached document will help you.


Chandra
0 Kudos
Steven Schweda
Honored Contributor

тАО09-01-2010 08:25 PM

тАО09-01-2010 08:25 PM

Re: How I can sftp to localhost without password on hp-ux 11.23 ?

> The key you are using appears to be corrupt!

It may a perfectly valid key, but in the
wrong format for OpenSSH. If it begins like
this:

---- BEGIN SSH2 PUBLIC KEY ----

or:

---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----

and ends like this:

---- END SSH2 PUBLIC KEY ---

or:

---- END SSH2 ENCRYPTED PRIVATE KEY ----

then I'd guess that you're looking at
SSH2-format key files, not OpenSSH-format
key files.

> Generated them how? Where? [...]

Still wondering...

You might try:

man ssh-keygen

and see if it has an option for converting an
SSH2-format key into an OpenSSH-format key.
0 Kudos
wuttipong
New Member

тАО09-03-2010 12:25 AM

тАО09-03-2010 12:25 AM

Re: How I can sftp to localhost without password on hp-ux 11.23 ?

Hi,all

I can solved this problem.The server can ssh&sftp itself.

First:
My OS Version is B.11.23 U ia64 and I updated OpenSSH&OpenSSL to latest version.

Next:
Then try again,It still a problem.

Next:
- I try ssh from root to root .It OK.
- Try ssh from root to XXX user in machine.Not Ok.

Next:
I try and try ....and try.It not work.

<>:
- I found something in /opt/ssh/etc/sshd_config.The parameter "AuthorizedKeysFile" point to /.ssh/authorized_keys.Try append public key from XXX user to /.ssh/authorized_keys and test again.It not OK.

#cat /home/XXX/.ssh/id_rsa.pub >> /.ssh/authorized_keys

- I found permission of /.ssh is 700 and /.ssh/authorized_keys is 600. Change to 755 and 644 ,then test ssh from XXX to itself again. It OK !!

#chmod 755 /.ssh
#chmod 644 /.ssh/authorized_keys

--------------------------------------------

PS:
- I want test update /opt/ssh/etc/sshd_config,change
Old = AuthorizedKeysFile /.ssh/authorized_keys
New = AuthorizedKeysFile ~/.ssh/authorized_keys

- stop/start ssh servive.

#/sbin/init.d/secsh stop
#/sbin/init.d/secsh start

- Test ssh again.It not work.

Thanks.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.