For me it's not working password-less authentication in two HP-UX boxes.
I am trying with 2 HP-UX boxes, one is 11iv2 and another is with 11iv3.
created RSA and DSA keys with "ssh-keygen -t rsa/dsa" on both nodes, add both nodes both rsa/dsa public keys to their authorized_keys file, but i am not able to SSH without password.
The permissions of .ssh/* directory/files are correct.
The configuration files (sshd_config) is correct ( PubkeyAuthentication yes )
I am not understanding why it is not working.
I have gone through the HP-UX secure shell documentation, in the documentation i found bellow line to add the public keys.
The documented command is exactly correct, assuming that the $HOME/.ssh directory already exists in the remote host.
Please examine your /var/adm/syslog/syslog.log file: if sshd rejects your key authentication attempt, the reason for rejection will be listed in the log file.
We are using the below procedure in our environment ,hope this will help you
On local machine (the steps for local machine are only done once): ===================== Log in as user account /usr/local/bin/ssh-keygen2 -t dsa -b 512 cd ~/.ssh2 echo "IDKey id_dsa_1024_a" > identification
On remote machines ================== 1)Log in as user account to remote machine 2)if ~/.ssh2 doesn't exist,create .ssh2 directory mkdir ~/.ssh2 cd ~/.ssh2 mkdir keys cd keys 3)Get(ftp, scp, etc) the file ~/.ssh2/id_dsa_1024_a.pub from source machine and put it in the remote ~/.ssh2/keys directory. Name it something unique. Something like ~/.ssh2/keys/userid.localmachinename.pub cd ~/.ssh2 echo "Key keys/userid.localmachinename.pub" >> authorization (replace userid.localmachinename.pub with whatever the file was named).
"The permissions of .ssh/* directory/files are correct."
so you say, but you don't provide a listing? If the keys are in $HOME/.ssh, then the permissions on $HOME need to be set properly as well. This may show up in the syslog f the server you are trying to login to.
on either server, try logging in to the other with:
ssh -vvv
which should provide details as to what is going on. if you continue to have problems, start sshd in "debug" mode on one server on an unused port, and ssh w/ the -v options to that port.
There is also a config file option for sshd which can relax the permissions required if necessary. see "man sshd_config" and "StrictModes" option for details.
As mentioned, you did not provide any values for permissions on $HOME (very important), .ssh and all the files in .ssh. $HOME cannot be world-writable (ie, 777). .ssh should be 700 and all the files in .ssh must be 600. While slightly more open permissions may work, these are recommended. Also, it is important to use ssh -vvv remote-host and paste the last 50 lines so we can examine the reason for the failure. HP-UX version(s) would be useful too.
