HPE Community
Operating System - HP-UX
1834149 Members
2428 Online
110064 Solutions
New Discussion

Re: Remote ssh without password

 
haeman
Frequent Advisor

‎10-05-2008 07:39 PM

‎10-05-2008 07:39 PM

Remote ssh without password

I have setup ssh for remote user connection , now user ssh from server A to server B is no need to input password , it works fine .

But server B have a change password policy ( the user is required to change password every month , that means the password will be expired every month ) , so when user ssh to server B , they are required to change password when it was expired , can advise how to let the user is no need to change password when login with remote ssh , but still need to change password when normal login , eg. telnet , ftp etc ?

Thx
0 Kudos
Reply
12 REPLIES 12
SKR_1
Trusted Contributor

‎10-05-2008 07:50 PM

‎10-05-2008 07:50 PM

Re: Remote ssh without password

Make the entry of B server hostname in .rhosts file in perticuler user home directory on server A & vice versa.

Thanks

SKR
0 Kudos
Reply
Dennis Handly
Acclaimed Contributor

‎10-05-2008 08:13 PM

‎10-05-2008 08:13 PM

Re: Remote ssh without password

>SKR: Make the entry of B server hostname in .rhosts file in particular user home directory on server A & vice versa.

.rhosts has nothing to do with ssh, just rcp, rlogin and remsh.

I would assume there isn't a way to do this, I have to change my password with rlogin and .rhosts.
0 Kudos
Reply
Jeeshan
Honored Contributor

‎10-05-2008 09:17 PM

‎10-05-2008 09:17 PM

Re: Remote ssh without password

check this attachement.
a warrior never quits
0 Kudos
Reply
Asif Sharif
Honored Contributor

‎10-05-2008 09:34 PM

‎10-05-2008 09:34 PM

Re: Remote ssh without password

http://docs.hp.com/en/5991-7493/ch04.html
Regards,
Asif Sharif
0 Kudos
Reply
Sandeep_Chaudhary
Trusted Contributor

‎10-05-2008 09:59 PM

‎10-05-2008 09:59 PM

Re: Remote ssh without password

8 ssh-keygen -t dsa -f .ssh/id_dsa
9 ls -ali .ssh
10 touch .ssh/authorized_keys2
11 chmod 640 .ssh/authorized_keys2
12 ls -ali
( copy id_dsa.pub file to other machine at $HOME)

13 cat id_dsa.pub>>.ssh/authorized_keys2
16 rm id_dsa.pub

18 cd .ssh
20 ln -s authorized_keys2 authorized_keys



rau as ftporacl@suxde082 [/home/ftporacl]
# ls -ali .ssh
total 64
356 drwxr-xr-x 2 ftporacl users 96 Mar 12 15:25 .
319 drwxr-xr-x 3 ftporacl users 8192 Mar 12 15:24 ..
360 lrwxr-xr-x 1 ftporacl users 16 Mar 12 15:25 authorized_keys -> authorized_keys2
359 -rw-r----- 1 ftporacl users 601 Mar 12 15:22 authorized_keys2
357 -rw------- 1 ftporacl users 668 Mar 12 15:15 id_dsa
358 -rw-r--r-- 1 ftporacl users 607 Mar 12 15:15 id_dsa.pub
0 Kudos
Reply
haeman
Frequent Advisor

‎10-05-2008 10:48 PM

‎10-05-2008 10:48 PM

Re: Remote ssh without password

thx Sandeep_Chaudhary's reply ,

can advise in which server ( server A or server B )that I should run the below command ,

8 ssh-keygen -t dsa -f .ssh/id_dsa
9 ls -ali .ssh
10 touch .ssh/authorized_keys2
11 chmod 640 .ssh/authorized_keys2
12 ls -ali
13 cat id_dsa.pub>>.ssh/authorized_keys2
16 rm id_dsa.pub
18 cd .ssh
20 ln -s authorized_keys2 authorized_keys
0 Kudos
Reply
Thierry D
Valued Contributor

‎10-05-2008 11:20 PM

‎10-05-2008 11:20 PM

Re: Remote ssh without password

Hi haeman

Here find on which server to do what:

Server A:
ssh-keygen -t dsa -f .ssh/id_dsa

Server B:
(first you will need to copy the file from server A to B using scp or other ...)
cat id_dsa.pub>>.ssh/authorized_keys2

Server A:
use ssh with the user private key to connect to Server B.

Thats the big steps to make it work, hope it helps.

Regards,
Thierry
0 Kudos
Reply
Jeeshan
Honored Contributor

‎10-05-2008 11:28 PM

‎10-05-2008 11:28 PM

Re: Remote ssh without password

check my attachement, there is expalanations.
a warrior never quits
0 Kudos
Reply
haeman
Frequent Advisor

‎10-05-2008 11:42 PM

‎10-05-2008 11:42 PM

Re: Remote ssh without password

thx reply ,

I am wonder the steps ,

I already set the user from server A is no need to use password to connect server B via ssh , but what I want now is I want the user is NO NEED TO CHANGE PASSWORD ( even the password is expired in server B ) , the above steps is fit the requirement ? thx
0 Kudos
Reply
Thierry D
Valued Contributor

‎10-05-2008 11:51 PM

‎10-05-2008 11:51 PM

Re: Remote ssh without password

Hi haeman

No you won't need to change the password because it is not password dependent.

Its another mechanism which does not care about password at all

read the link and search for "How to Use RSA Key Authentication with SSH".

http://chxo.com/be2/20030905_77fe.html


Regards,
Thierry
0 Kudos
Reply
F Verschuren
Esteemed Contributor

‎10-06-2008 12:21 AM

‎10-06-2008 12:21 AM

Re: Remote ssh without password

Hi,

If a acount is locked (and you configgured ssh corectly (pam on)) you have to change the passwd even when you use a key.

the only way to fix this is to use to sepperate users, one for normal login whit the passwd rulles on and one user that does not have the passwd rulles on.
If you use sudo you can give the one user the rights to switch to the other user.

0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎10-06-2008 12:24 AM

‎10-06-2008 12:24 AM

Re: Remote ssh without password

Shalom,

http://www.hpux.ws/?p=19

They key issue here is ownership and permissions on the home directory and .ssh folder. If not precise password free access will not work.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.