HPE Community
Operating System - HP-UX
1752584 Members
4401 Online
108788 Solutions
New Discussion юеВ

Re: ssh keys.

 
fizan
Super Advisor

тАО10-21-2009 11:01 PM

тАО10-21-2009 11:01 PM

ssh keys.

i have generated a public key and i uploaded in the destintion server in /home/test/.ssh/authorised_keys and the permission and ownership is to that test:test so its 600 authorised_keys and .ssh is 700 so after that also while connection it says as permission denied!! any configurations settings need to be changed?

Thanks..
0 Kudos
Reply
7 REPLIES 7
R.K. #
Honored Contributor

тАО10-21-2009 11:09 PM

тАО10-21-2009 11:09 PM

Re: ssh keys.

Hi Fizan,

Attached an extract from SNA-2 dealing with ssh.

May be this is of some help.
Don't fix what ain't broke
0 Kudos
Reply
Suraj K Sankari
Honored Contributor

тАО10-21-2009 11:26 PM

тАО10-21-2009 11:26 PM

Re: ssh keys.

HI,
Here is the Steps:
On the client run the following commands:

$ mkdir -p $HOME/.ssh
$ chmod 0700 $HOME/.ssh
$ ssh-keygen -t dsa -f $HOME/.ssh/id_dsa -P ''

This should result in two files, $HOME/.ssh/id_dsa (private key) and $HOME/.ssh/id_dsa.pub (public key).
Copy $HOME/.ssh/id_dsa.pub to the server.

On the server run the following commands:

$ cat id_dsa.pub >> $HOME/.ssh/authorized_keys2
$ chmod 0600 $HOME/.ssh/authorized_keys2

Depending on the version of OpenSSH the following commands may also be required:
$ cat id_dsa.pub >> $HOME/.ssh/authorized_keys
$ chmod 0600 $HOME/.ssh/authorized_keys

An alternative is to create a link from authorized_keys2 to authorized_keys:
$ cd $HOME/.ssh && ln -s authorized_keys2 authorized_keys

On the client test the results by ssh'ing to the server:

$ ssh -i $HOME/.ssh/id_dsa server

(Optional) Add the following $HOME/.ssh/config on the client:

Host server
IdentityFile ~/.ssh/id_dsa

This allows ssh access to the server without having to specify the path to the id_dsa file as an argument to ssh each time.

Suraj
0 Kudos
Reply
fizan
Super Advisor

тАО10-21-2009 11:43 PM

тАО10-21-2009 11:43 PM

Re: ssh keys.

while try connecting it shows as

Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Trying private key: ""
debug1: No more authentication methods to try.
Permission denied (publickey,gssapi-with-mic,password).
Unable to connect to the remote system, permission denied
The test of system [WEBSRV_aero] failed!




0 Kudos
Reply
fizan
Super Advisor

тАО10-21-2009 11:56 PM

тАО10-21-2009 11:56 PM

Re: ssh keys.

hi Rk,

can you attach the gud docs its corrupted which u have provided.
0 Kudos
Reply
Steven Schweda
Honored Contributor

тАО10-22-2009 07:46 AM

тАО10-22-2009 07:46 AM

Re: ssh keys.

There must be dozens (hundreds?) of threads
in this forum involving SSH configuration.
Did you read any of them?

> any configurations settings need to be
> changed?

Probably, but we non-psychics can't really
see what you have now. As usual, showing
actual commands with their actual output can
be more helpful than vague descriptions and
interpretations. "ls -l" is a good one.

> while try connecting it shows as

Is that output from "ssh -v [...]"? Where is
the rest of it?

> debug1: Trying private key: ""

That doesn't look like a good key file name.

> debug1: No more authentication methods to try.
> Permission denied (publickey,gssapi-with-mic,password).
> Unable to connect to the remote system, permission denied

I don't think that it's talking about file
permissions there, only the fact that you
couldn't authenticate.

> The test of system [WEBSRV_aero] failed!

Should that mean something to me? It
doesn't.
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

тАО10-22-2009 08:35 AM

тАО10-22-2009 08:35 AM

Re: ssh keys.

Shalom fizan,

Check your procedure against these two documents.

http://www.hpux.ws/?p=10

http://www.hpux.ws/?p=19

The first is relevant. The second is really cool to know.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
OldSchool
Honored Contributor

тАО10-22-2009 08:55 AM

тАО10-22-2009 08:55 AM

Re: ssh keys.

"Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Trying private key: ""
debug1: No more authentication methods to try. .."

1) Well, how did you attempt to connect to it *exactly*. ssh or PuTTY or ??? What did you specify for the id file? You did specify one right?

2) It appears you've omitted some of the debug output...somewhere it should have told you that it attempted to connect using a public key "xxxx"?

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.