HPE Community
Operating System - HP-UX
1836952 Members
2014 Online
110112 Solutions
New Discussion

passwordless ssh

 
ROSS HANSON
Regular Advisor

‎03-14-2005 08:58 AM

‎03-14-2005 08:58 AM

passwordless ssh

I am trying to acces one hpux machine from another hpux machine without having to put in a password. I have been reading other threads about this on the forums but I guess I just don't get it. For the purpose of creating a script to obtain files I need to scp or sftp to another hpux machine once an hour get these files and place them back on the machine I started from. I have created the authorized keys and had them placed on all the other machines but when I test this "passwordless entry" on the command line I am once again asked for a password. Please direct me to a easy understanding source to read
Ross Hanson
0 Kudos
Reply
3 REPLIES 3
Steven E. Protter
Exalted Contributor

‎03-14-2005 09:19 AM

‎03-14-2005 09:19 AM

Re: passwordless ssh

Attaching a document.

You can ignore the X windows part and just use cat.

pay close attention to permissions.

SEP

toda raba Chris
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
TwoProc
Honored Contributor

‎03-14-2005 09:19 AM

‎03-14-2005 09:19 AM

Re: passwordless ssh

Let's assume a few basic things...
A) Machine names MA and MB
B) username - myuser

A) First go to each machine and as myuser run the command:
ssh-keygen -t rsa
agree to everything by default, and put no additional password when asked.

B) On MA and as user myuser
cd .ssh
chmod 700 . *
cat id_rsa.pub >> authorized_keys2
chmod 700 authorized_keys2

You've just allowed yourself to ssh onto MA -
try it...
ssh MA
...it should ask you to verify a key about the hostname - be agreeable and let it.
... You should now be logged onta MA as myuser.

C) repeat B) on server MB

Now all we need is to append the public_keys for MA and append it to the authorized_keys2 file on server MB, and vice-versa:

D) From server MB
cd .ssh
scp -p MA:/home/myuser/.ssh/id_rsa.pub id_rsa.MA
...you'll have to put in a password - do it.
cat id_rsa.MA >> authorized_keys2
rm id_rsa.MA
... You've just allowed myuser from MA to ssh over to MB ...

E) Do step D) on server MA
cd .ssh
scp -p MB:/home/myuser/.ssh/id_rsa.pub
id_rsa.MB
...you'll have to put in a password - do it.
cat id_rsa.MB >> authorized_keys
rm id_rsa.MB
... You've just allowed myuser from MA to ssh over to MB ...


Now, that's the simple version - there are lots of options, servers that run and distribute keys for you, policies, etc. that you need to review and set, etc.

But, that should be enough of a quick n dirty to start seeing how it works and what makes things integrate.
We are the people our parents warned us about --Jimmy Buffett
0 Kudos
Reply
Patrick Wallek
Honored Contributor

‎03-14-2005 09:25 AM

‎03-14-2005 09:25 AM

Re: passwordless ssh

Check the permissions on the users home directory and on the .ssh directory and the associated files. About 90% of the time, the problem is that permissions are too open.

You want your home directory to be -rwxr-x--- (760 permission) ideally. The .ssh directory should be -rwx------ (700 permission) and the files in the .ssh directory should be -r-------- or -rw------- (400 or 600 permissions).

Check those, correct them and then see what happens.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.