Search the Forum. This has been covered
countless times.

"ssh -v [...]" is usually helpful, for a
start.

Also check the permissions of destination ~home and !home/.ssh directory.
ssh does not like if permission is open for others.

-USA..

chmod 777 authorized_keys????

better make it chmod 640 !

cannot check the required settings of .ssh directory itself...

JP

Hi,
Thanks for the reply.

what would be the permission for .ssh folder.
I changer the chmod 640 for authorized_keys.

Thanks,
Ram

svr# ls -ld .ssh
drwx------ 2 root system 512 Jul 03 2007 .ssh
svr# ls -l .ssh
total 40
-rw------- 1 root system 214 Jul 03 2007 authorized_keys
-rw-r--r-- 1 root system 12599 Dec 11 14:18 known_hosts
svr#

ls -ld .ssh
drwx------ 2 user1 users 1024 Jan 23 19:20 .ssh


ls -l .ssh
total 4
-rw-r--r-- 1 user1 users 394 Jan 23 19:18 authorized_keys
-rw-r--r-- 1 user1 users 884 Jan 23 19:18 known_hosts

Still not working.

Thanks.

I tried in loal host:

user1@A[XXX]:/users/user1/admin [1] ssh -v B

OpenSSH_4.3p2-hpn, OpenSSL 0.9.7i 14 Oct 2005
HP-UX Secure Shell-A.04.30.006, HP-UX Secure Shell version
debug1: Reading configuration data /opt/ssh/etc/ssh_config
debug1: Connecting to b [xxxxxxxxx] port 22.
debug1: Connection established.
debug1: identity file /users/user1/admin/.ssh/id_rsa type 1
debug1: identity file /users/user1/admin/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3p2-hpn
debug1: match: OpenSSH_4.3p2-hpn pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.3p2-hpn
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'B' is known and matches the RSA host key.
debug1: Found key in /users/user1/admin/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering public key: /users/user1/admin/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Trying private key: /users/user1/admin/.ssh/id_dsa
debug1: Next authentication method: keyboard-interactive
Password:


Still asking password....

I said:
ls -ld .ssh
drwx------ 2 root system 512 Jul 03 2007 .ssh
ls -l .ssh
total 40
-rw------- 1 root system 214 Jul 03 2007 authorized_keys
-rw-r--r-- 1 root system 12599 Dec 11 14:18 known_hosts
svr#

You said:
ls -ld .ssh
drwx------ 2 user1 users 1024 Jan 23 19:20 .ssh
ls -l .ssh
total 4
-rw-r--r-- 1 user1 users 394 Jan 23 19:18 authorized_keys
-rw-r--r-- 1 user1 users 884 Jan 23 19:18 known_hosts

Do you see the difference?

And the permissions need to be correct on both ends of the connection.

Hi all,
I found below error in /var/adm/syslog/syslog.log at remote host B when I tried from local host A.

Jan 23 19:58:07 B sshd[22075]: Authentication refused: bad ownership or modes for directory /users/user1/admin

Home directory of user1 is looking bad authendication at Remote host.

Is it necessary to be same permission for both HOME directory.

Thanks.

Hi,
I changed the permission as you mentioned.

-rwx------ 1 user1 users 394 Jan 23 19:18 authorized_keys

But, Still its asking password.

How do I change the HOME directory permission, If its required to change.

Thanks.

"Jan 23 19:58:07 B sshd[22075]: Authentication refused: bad ownership or modes for directory /users/user1/admin"

where is the .ssh directory located? in /users/user1/admin??? if so, you need to lock that down. in addition the permissions on the "authorized_keys" file needs to be set.

the permissions need to be set up such that no one other that the owner can remove/replace the keys. as noted before, this is all explained in other posts here.

Thank you very much for all your help.
Finally issue is resolved.
I changed the permission of the user home directory.
The home directory of local and remote host must be same. I found this one of other thread of this forum.
So, I changed the permission of the home directory and its working fine now.

But it should be done by root user i think.i tried this in root user only. As the normal user cant change their own home directory permission.

Can any one confirm me that is it correct.

Thanks,
Ram

>As the normal user can't change their own home directory permission.

Typically the user owns his own home directory so he can change its permissions.

Thanks Dennis..
I tried to change home directory permission using normal user. I am able to change the home directory. Its working now...

Once again thank you all..

Cheers,
Ram