Operating System - HP-UX
1748198 Members
2601 Online
108759 Solutions
New Discussion

Re: Passwordless SSH from HP-UX to Linux

 
S.J. Sarwar
Occasional Advisor

Passwordless SSH from HP-UX to Linux

Dear All,

I am trying to establish passwordless SSH/SCP from a HP-UX machine to a Linux Machine. I tried copying the "id_rsa.pub" from the HP-UX box to the "authorized_keys" of the Linux Box.
This does not help.
Please comeback on this.......

Thanks
Sarwar.
5 REPLIES 5
James A. Donovan
Honored Contributor

Re: Passwordless SSH from HP-UX to Linux

Try creating a DSA key-pair on your HP-UX box. The Linux system may not be configured to accept an RSA key.

$ ssh-keygen -t dsa -N ""

Then copy the id_dsa.pub into the authorized_keys file on the Linux box.

Also double check the permissions on the Linux system. Incorrect permissions will also prevent login.

[oracle@sdb1 oracle]$ ll -d .ssh
drwx------ 2 oracle oinstall 4096 Sep 30 12:01 .ssh
[oracle@sdb1 oracle]$ ll .ssh
total 16
-rw-r--r-- 1 oracle oinstall 1218 Jun 21 2005 authorized_keys
Remember, wherever you go, there you are...
Jean-Yves Picard
Trusted Contributor

Re: Passwordless SSH from HP-UX to Linux

hello,

have you check rights ?
authorized_keys must be rw------- (400)
.ssh directory must be rwx------ (700)
'you' must be owner of directory and file.

if owner on hp-ux and linux are different, don't forget @ option
e.g. ssh linuxuser@linux ls

you might wish to use -i ~/.ssh/id_rsa option.


lines in /etc/ssh/shhd_config like

RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys

must be uncommented.

Jean-Yves Picard
Senthil Prabu.S_1
Trusted Contributor

Re: Passwordless SSH from HP-UX to Linux

Hi,
plz use the attached doc. It talks about ssh password-less authentication between two solaris machines. It is same for HPUX and linux as well as.


HTH,
Prabu.S
One man's "magic" is another man's engineering. "Supernatural" is a null word.
ammannur
New Member

Re: Passwordless SSH from HP-UX to Linux

HI ALL,

I am facing SSH problem between 2 HP-UX servers

 

I have followed many docs and setup but only from server B to server A is working but server A is upable to connect to server B.

 

Server A

otter:/home1/onevusg/.ssh ls -rlt
total 12
-rw-------   1 onevusg    darics         672 Jun 26 01:52 id_dsa
-rw-------   1 onevusg    darics         603 Jun 26 01:52 id_dsa.pub
-rw-------   1 onevusg    darics        1202 Jun 26 01:55 authorized_keys
-rw-------   1 onevusg    darics         270 Jun 26 01:57 known_hosts
-rw-------   1 onevusg    darics        1024 Jun 26 02:37 prng_

 

 

Server B
[otter:/home/jaek/.ssh] ls -rlt
total 12
-rw-------   1 jaek       darics         668 Jun 26 02:21 id_dsa
-rw-------   1 jaek       darics         600 Jun 26 02:21 id_dsa.pub
-rw-------   1 jaek       darics        1202 Jun 26 02:24 authorized_keys
-rw-------   1 jaek       darics         270 Jun 26 02:32 known_hosts
-rw-------   1 jaek       darics        1024 Jun 26 02:47 prng_seed
[otter:/home/jaek/.ssh]

 

please see the verbose.

 

otter:/home1/onevusg/.ssh ssh -l jaek 192.20.81.12 -v
OpenSSH_4.1, OpenSSL 0.9.7e 25 Oct 2004
HP-UX Secure Shell-A.04.10.002, HP-UX Secure Shell version
debug1: Reading configuration data /opt/ssh/etc/ssh_config
debug1: Connecting to 192.20.81.12 [192.20.81.12] port 22.
debug1: Connection established.
debug1: identity file /home1/onevusg/.ssh/id_rsa type -1
debug1: identity file /home1/onevusg/.ssh/id_dsa type 2
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.1
debug1: match: OpenSSH_4.1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '192.20.81.12' is known and matches the RSA host key.
debug1: Found key in /home1/onevusg/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /home1/onevusg/.ssh/id_rsa
debug1: Offering public key: /home1/onevusg/.ssh/id_dsa
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: keyboard-interactive
Password:

 

 

 

 

Please suggest.

 

 

Matti_Kurkela
Honored Contributor

Re: Passwordless SSH from HP-UX to Linux

You should have started your own thread using the "New Post" button at the top of the board view instead of adding your question as a reply to an old thread.

 

Anyway... your authorized_keys file has the same length (1202 bytes) on both systems.

Assuming that you have added into it the id_dsa.pub files from both servers, the length is off by one: 600 + 603 should be 1203, not 1202. Perhaps you've added the key by copy/pasting, and forgotten the line-feed character from the last line of the authorized_keys file? This might cause the sshd daemon to ignore the key on the improperly-terminated line.

 

Also check /var/adm/syslog/syslog.log on server B: that is where sshd normally reports _why_ it is rejecting a particular user.

MK