System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

ssh passwordless connection problem

mrk_1
Frequent Advisor

ssh passwordless connection problem

Hi,
I tried to setup the passwordless connection to remote host on HP-UX server.
but still its asking password to connect to remote host.

Attached the procedure.

Can anyone help me to solve the problem.

Thanks in advance.
14 REPLIES
Steven Schweda
Honored Contributor

Re: ssh passwordless connection problem

Search the Forum. This has been covered
countless times.

"ssh -v [...]" is usually helpful, for a
start.
Uday_S_Ankolekar
Honored Contributor

Re: ssh passwordless connection problem

Also check the permissions of destination ~home and !home/.ssh directory.
ssh does not like if permission is open for others.

-USA..
Good Luck..
Jeroen Peereboom
Honored Contributor

Re: ssh passwordless connection problem

chmod 777 authorized_keys????

better make it chmod 640 !

cannot check the required settings of .ssh directory itself...

JP
mrk_1
Frequent Advisor

Re: ssh passwordless connection problem

Hi,
Thanks for the reply.

what would be the permission for .ssh folder.
I changer the chmod 640 for authorized_keys.

Thanks,
Ram
OldSchool
Honored Contributor

Re: ssh passwordless connection problem

svr# ls -ld .ssh
drwx------ 2 root system 512 Jul 03 2007 .ssh
svr# ls -l .ssh
total 40
-rw------- 1 root system 214 Jul 03 2007 authorized_keys
-rw-r--r-- 1 root system 12599 Dec 11 14:18 known_hosts
svr#
mrk_1
Frequent Advisor

Re: ssh passwordless connection problem

ls -ld .ssh
drwx------ 2 user1 users 1024 Jan 23 19:20 .ssh


ls -l .ssh
total 4
-rw-r--r-- 1 user1 users 394 Jan 23 19:18 authorized_keys
-rw-r--r-- 1 user1 users 884 Jan 23 19:18 known_hosts

Still not working.

Thanks.
mrk_1
Frequent Advisor

Re: ssh passwordless connection problem

I tried in loal host:

user1@A[XXX]:/users/user1/admin [1] ssh -v B

OpenSSH_4.3p2-hpn, OpenSSL 0.9.7i 14 Oct 2005
HP-UX Secure Shell-A.04.30.006, HP-UX Secure Shell version
debug1: Reading configuration data /opt/ssh/etc/ssh_config
debug1: Connecting to b [xxxxxxxxx] port 22.
debug1: Connection established.
debug1: identity file /users/user1/admin/.ssh/id_rsa type 1
debug1: identity file /users/user1/admin/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3p2-hpn
debug1: match: OpenSSH_4.3p2-hpn pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.3p2-hpn
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'B' is known and matches the RSA host key.
debug1: Found key in /users/user1/admin/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering public key: /users/user1/admin/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Trying private key: /users/user1/admin/.ssh/id_dsa
debug1: Next authentication method: keyboard-interactive
Password:


Still asking password....
OldSchool
Honored Contributor

Re: ssh passwordless connection problem

I said:
ls -ld .ssh
drwx------ 2 root system 512 Jul 03 2007 .ssh
ls -l .ssh
total 40
-rw------- 1 root system 214 Jul 03 2007 authorized_keys
-rw-r--r-- 1 root system 12599 Dec 11 14:18 known_hosts
svr#

You said:
ls -ld .ssh
drwx------ 2 user1 users 1024 Jan 23 19:20 .ssh
ls -l .ssh
total 4
-rw-r--r-- 1 user1 users 394 Jan 23 19:18 authorized_keys
-rw-r--r-- 1 user1 users 884 Jan 23 19:18 known_hosts

Do you see the difference?

And the permissions need to be correct on both ends of the connection.
mrk_1
Frequent Advisor

Re: ssh passwordless connection problem

Hi all,
I found below error in /var/adm/syslog/syslog.log at remote host B when I tried from local host A.

Jan 23 19:58:07 B sshd[22075]: Authentication refused: bad ownership or modes for directory /users/user1/admin

Home directory of user1 is looking bad authendication at Remote host.

Is it necessary to be same permission for both HOME directory.

Thanks.
mrk_1
Frequent Advisor

Re: ssh passwordless connection problem

Hi,
I changed the permission as you mentioned.

-rwx------ 1 user1 users 394 Jan 23 19:18 authorized_keys

But, Still its asking password.

How do I change the HOME directory permission, If its required to change.

Thanks.
OldSchool
Honored Contributor

Re: ssh passwordless connection problem

"Jan 23 19:58:07 B sshd[22075]: Authentication refused: bad ownership or modes for directory /users/user1/admin"

where is the .ssh directory located? in /users/user1/admin??? if so, you need to lock that down. in addition the permissions on the "authorized_keys" file needs to be set.

the permissions need to be set up such that no one other that the owner can remove/replace the keys. as noted before, this is all explained in other posts here.

mrk_1
Frequent Advisor

Re: ssh passwordless connection problem


Thank you very much for all your help.
Finally issue is resolved.
I changed the permission of the user home directory.
The home directory of local and remote host must be same. I found this one of other thread of this forum.
So, I changed the permission of the home directory and its working fine now.

But it should be done by root user i think.i tried this in root user only. As the normal user cant change their own home directory permission.

Can any one confirm me that is it correct.

Thanks,
Ram
Dennis Handly
Acclaimed Contributor

Re: ssh passwordless connection problem

>As the normal user can't change their own home directory permission.

Typically the user owns his own home directory so he can change its permissions.
mrk_1
Frequent Advisor

Re: ssh passwordless connection problem

Thanks Dennis..
I tried to change home directory permission using normal user. I am able to change the home directory. Its working now...

Once again thank you all..

Cheers,
Ram