- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- secure shell ssh demands password eventhough I set...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-04-2005 03:14 AM
01-04-2005 03:14 AM
I'm new to secure shell and like many I can't seem to connect to another system without getting prompted for a password.
I've looked thru many threads but I can't seem to find a scenario that is similar to mine.
General info:
Client_A (really a server acting as a client) running HPUX 11.11, ssh A.03.61.002
Server_B running HPUX 11.11, A.03.61.002
Before I get into the details on how I set up the keys, here is the output I get when I make the ssh connection using debugging/verbose option:
@ClientA::creindk_ /home/creindk/.ssh> ssh -v ServerB bdf
OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, OpenSSL 0x0090702f
debug1: Reading configuration data /opt/ssh/etc/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: Connecting to ServerB [IP Address is here] port 22.
debug1: Connection established.
debug1: identity file /home/creindk/.ssh/identity type -1
debug1: identity file /home/creindk/.ssh/id_rsa type -1
debug1: identity file /home/creindk/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.6.1p2
debug1: match: OpenSSH_3.6.1p2 pat OpenSSH*
debug1: Local version string SSH-1.5-OpenSSH_3.6.1p2
debug1: Waiting for server public key.
debug1: Received server public key (768 bits) and host key (1024 bits).
debug1: Host 'ServerB' is known and matches the RSA1 host key.
debug1: Found key in /home/creindk/.ssh/known_hosts:6
debug1: Encryption type: 3des
debug1: Sent encrypted session key.
debug1: Installing crc compensation attack detector.
debug1: Received encrypted confirmation.
debug1: Trying Kerberos v5 authentication.
debug1: Kerberos v5: krb5_init_context failed
debug1: Trying Kerberos v4 authentication.
debug1: RSA authentication using agent refused.
debug1: Doing challenge response authentication.
debug1: No challenge.
debug1: Doing password authentication.
creindk@ServerB's password:
Here are the permissions on both systems in question:
ClientA:
ll -d home/creindk
drwxr-xr-x 5 creindk techsup 8192 Jan 4 07:19 home/creindk
ll -d home/creindk/.ssh
drwx------ 2 creindk techsup 8192 Dec 30 15:54 home/creindk/.ssh
ll -d home/creindk/.ssh/*
-rw------- 1 creindk techsup 951 Jan 4 07:44 home/creindk/.ssh/kirktest
-rw-r--r-- 1 creindk techsup 226 Jan 4 07:44 home/creindk/.ssh/kirktest.pub
-rw-r--r-- 1 creindk techsup 2027 Dec 30 14:57 home/creindk/.ssh/known_hosts
-rw------- 1 creindk techsup 1024 Jan 4 09:20 home/creindk/.ssh/prng_seed
ServerB:
ll -d home/creindk
drwxr-xr-x 5 creindk users 8192 Jan 4 09:16 home/creindk
ll -d home/creindk/.ssh
drwx------ 2 creindk techsup 8192 Jan 4 07:47 home/creindk/.ssh
ll -d home/creindk/.ssh/*
-rwxr-xr-x 1 creindk techsup 226 Jan 4 07:49 home/creindk/.ssh/authorized_keys
-rw-r--r-- 1 creindk techsup 226 Jan 4 07:47 home/creindk/.ssh/kirktest.pub
-rw-r--r-- 1 creindk techsup 911 Dec 30 13:56 home/creindk/.ssh/known_hosts
-rw------- 1 creindk techsup 1024 Dec 30 13:56 home/creindk/.ssh/prng_seed
Here is what I've done to try to make this work.
ClientA>ssh-keygen -t rsa -f kirktest
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase): enter
Enter same passphrase again: enter
Your identification has been saved in kirktest.
Your public key has been saved in kirktest.pub.
The key fingerprint is:
5d:74:98:60:8e:01:f5:b1:9c:e7:b2:ca:9d:a9:52:4f creindk@ClientA
ClientA>ll
total 64
-rw------- 1 creindk techsup 883 Jan 4 09:42 kirktest
-rw-r--r-- 1 creindk techsup 226 Jan 4 09:42 kirktest.pub
-rw-r--r-- 1 creindk techsup 2027 Dec 30 14:57 known_hosts
-rw------- 1 creindk techsup 1024 Jan 4 09:42 prng_seed
Now, copy pub key to ServerB and append to a file called authorized_keys
@ClientA::creindk_ /home/creindk/.ssh> scp kirktest.pub ServerB:/home/creindk/.ssh/kirktest.pub
creindk@ServerB password:
kirktest.pub 100% 226 564.4KB/s 00:00
@ClientA::creindk_ /home/creindk/.ssh>
@ServerB::creindk_ /home/creindk/.ssh> touch authorized_keys
@ServerB::creindk_ /home/creindk/.ssh> chmod 644 authorized_keys
@ServerB::creindk_ /home/creindk/.ssh> cat kirktest.pub >> authorized_keys
@ServerB::creindk_ /home/creindk/.ssh> ls -la
total 96
drwx------ 2 creindk techsup 8192 Jan 4 09:50 .
drwxr-xr-x 5 creindk users 8192 Jan 4 09:49 ..
-rw-r--r-- 1 creindk techsup 226 Jan 4 09:52 authorized_keys
-rw-r--r-- 1 creindk techsup 226 Jan 4 09:48 kirktest.pub
-rw-r--r-- 1 creindk techsup 911 Dec 30 13:56 known_hosts
-rw------- 1 creindk techsup 1024 Dec 30 13:56 prng_seed
@ServerB::creindk_ /home/creindk/.ssh>
Again try the connection from ClientA to ServerB
I get the exact same results as listed above.
Any ideas.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-04-2005 03:17 AM
01-04-2005 03:17 AM
SolutionI'm attaching my cheat sheet and in your shoes would check permissions on files and directories.
Also 3.8 of openssh has been ported to hpux and might help.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-04-2005 03:31 AM
01-04-2005 03:31 AM
Re: secure shell ssh demands password eventhough I set up keys
2) Remove the world read permission from ALL files in the /home/creindk directory and all sub-directories. SSH is VERY sensitive to permissions and there is absolutely no reason for anything in the .ssh sub-dir to be world-readable.
You probably should also remove the world read and execute bits from your homedir itself so that the permissions are just rwxr-x---
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-04-2005 03:55 AM
01-04-2005 03:55 AM
Re: secure shell ssh demands password eventhough I set up keys
Try this link and see if it helps.
Make sure you are creating the correct key for the versions of sshd servers it is connecting to.
http://bumblebee.lcs.mit.edu/ssh2/
Hope this helps.
Regds
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-04-2005 05:13 AM
01-04-2005 05:13 AM
Re: secure shell ssh demands password eventhough I set up keys
Chris
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-04-2005 05:13 AM
01-04-2005 05:13 AM
Re: secure shell ssh demands password eventhough I set up keys
Here is a portion of the syslog.log file when I do a ssh from ClientA to ServerB.
It is almost like it doesn't even attempt to authenticate without prompting for a password, because all I see in the log is this:
Jan 4 12:09:46 c8mkes60 sshd[4313]: Accepted password for creindk from x.x.x.x port 52717
Any other ideas on how I could more easily troubleshoot this? Do my steps look correct for how I set up the keys??
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-04-2005 05:48 AM
01-04-2005 05:48 AM
Re: secure shell ssh demands password eventhough I set up keys
I have checked permissions in both ~/.ssh directories on both client and server. I feel pretty confident on the permissions; I think I need to look somewhere else.
ClientA/home/creindk/.ssh> ll
total 64
-rw-r----- 1 creindk techsup 883 Jan 4 09:42 kirktest
-rw-r--r-- 1 creindk techsup 226 Jan 4 09:42 kirktest.pub
-rw-r--r-- 1 creindk techsup 2027 Dec 30 14:57 known_hosts
-rw-r--r-- 1 creindk techsup 1024 Jan 4 12:26 prng_seed
ServerB::creindk_ /home/creindk/.ssh> ll
total 64
-rw-r--r-- 1 creindk techsup 226 Jan 4 09:52 authorized_keys
-rw-r--r-- 1 creindk techsup 226 Jan 4 09:48 kirktest.pub
-rw-r--r-- 1 creindk techsup 911 Dec 30 13:56 known_hosts
-rw-r--r-- 1 creindk techsup 1024 Dec 30 13:56 prng_seed
ServerB::creindk_ /home/creindk/.ssh>
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-04-2005 05:52 AM
01-04-2005 05:52 AM
Re: secure shell ssh demands password eventhough I set up keys
Chris
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-04-2005 06:14 AM
01-04-2005 06:14 AM
Re: secure shell ssh demands password eventhough I set up keys
On both system do this:
# cd /home/creindk
# chmod -R 600 .ssh
There is absolutely NO reason for the .ssh directory to be available to anyone but the owner. That is in fact a big security hole. Someone could easily steal your keys that way.
If you do that, I think you will have much better luck.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-04-2005 06:19 AM
01-04-2005 06:19 AM
Re: secure shell ssh demands password eventhough I set up keys
The permissions on the ~/home/creindk on both systems were 644.
I changed to 755 on both systems. Still no luck.
One thing I can add is this.
After I made the permissions 755, I did a tail -f /var/adm/syslog/syslog.log on the server the one with the .pub file.
Then I said okay, let's see what happens right away when right when I do the $ssh ServerB (For example, don't key in the password just look if the syslog.log sees you trying to authenticate.
The result was, nothing got logged to syslog. But when I key in my password and strike return, then I get:
Jan 4 13:15:53 ServerB sshd[2105]: Accepted password for creindk from 10.10.72.63 port 52941
It almost seems like it isn't trying to "automatically log in".
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-04-2005 06:25 AM
01-04-2005 06:25 AM
Re: secure shell ssh demands password eventhough I set up keys
YOU ARE WAY TOO WIDE OPEN ON PERMISSIONS.
Please just try the permissions at 600 and see what happens.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-04-2005 06:45 AM
01-04-2005 06:45 AM
Re: secure shell ssh demands password eventhough I set up keys
I chmoded 600 -R .ssh, but it bombed because it couldn't change permissions on the files in .ssh/
Did you mean $ chmod 600 -R .ssh/* ??
I made the changes with .ssh being 600 and the files beneath .ssh 600 and I got the following results.
clientA::creindk_ /home/creindk> ssh ServerB
The authenticity of host 'ServerB (IP Address)' can't be established.
RSA1 key fingerprint is 37:0f:2c:02:22:66:aa:ea:0a:db:b6:8a:fd:6a:c6:31.
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts (/home/creindk/.ssh/known_hosts).
creindk@c8mkes60's password:
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-04-2005 06:50 AM
01-04-2005 06:50 AM
Re: secure shell ssh demands password eventhough I set up keys
Sorry about the permissions mix up. I was just trying to test the solution in an earlier reply from Chris Vail.
I'm desparate here.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-04-2005 06:57 AM
01-04-2005 06:57 AM
Re: secure shell ssh demands password eventhough I set up keys
I did mean .ssh/* for the 600 permissions. The .ssh directory itself should be 700 (drwx------) permissions.
Try that and see what happens.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-04-2005 07:35 AM
01-04-2005 07:35 AM
Re: secure shell ssh demands password eventhough I set up keys
Client A=c8mkes34
Server B=c8mkes60
c8mkes34 settings
@c8mkes34::creindk_ /home/creindk> ll -d .ssh
drwx------ 2 creindk techsup 96 Jan 4 09:42 .ssh
@c8mkes34::creindk_ /home/creindk> ll .ssh/*
-rw------- 1 creindk techsup 883 Jan 4 09:42 .ssh/kirktest
-rw------- 1 creindk techsup 226 Jan 4 09:42 .ssh/kirktest.pub
-rw------- 1 creindk techsup 2027 Dec 30 14:57 .ssh/known_hosts
-rw------- 1 creindk techsup 1024 Jan 4 13:39 .ssh/prng_seed
@c8mkes34::creindk_ /home/creindk>
From c8mkes34, when I cat known_hosts I can see entries for c8mkes60 listed inside the file. I'd expect this.
c8mkes60 settings
@c8mkes60::creindk_ /home/creindk> ll -d .ssh
drwx------ 2 creindk techsup 8192 Jan 4 09:50 .ssh
@c8mkes60::creindk_ /home/creindk> ll -d .ssh/*
-rw------- 1 creindk techsup 226 Jan 4 09:52 .ssh/authorized_keys
-rw------- 1 creindk techsup 226 Jan 4 09:48 .ssh/kirktest.pub
-rw------- 1 creindk techsup 911 Dec 30 13:56 .ssh/known_hosts
-rw------- 1 creindk techsup 1024 Jan 4 13:06 .ssh/prng_seed
@c8mkes60::creindk_ /home/creindk>
From c8mkes60, when I cat known_hosts I see entries for c8mkes34. I'd expect this.
Still no luck and /var/adm/syslog.log doesn't show anything other then when I key in the correct password and hit enter.
Here is the login process with debug mode on.
c8mkes34::creindk_ /home/creindk> ssh -v c8mkes60
OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, OpenSSL 0x0090702f
debug1: Reading configuration data /opt/ssh/etc/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: Connecting to c8mkes60 [IPAddress] port 22.
debug1: Connection established.
debug1: identity file /home/creindk/.ssh/identity type -1
debug1: identity file /home/creindk/.ssh/id_rsa type -1
debug1: identity file /home/creindk/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.6.1p2
debug1: match: OpenSSH_3.6.1p2 pat OpenSSH*
debug1: Local version string SSH-1.5-OpenSSH_3.6.1p2
debug1: Waiting for server public key.
debug1: Received server public key (768 bits) and host key (1024 bits).
debug1: Host 'c8mkes60' is known and matches the RSA1 host key.
debug1: Found key in /home/creindk/.ssh/known_hosts:6
debug1: Encryption type: 3des
debug1: Sent encrypted session key.
debug1: Installing crc compensation attack detector.
debug1: Received encrypted confirmation.
debug1: Trying Kerberos v5 authentication.
debug1: Kerberos v5: krb5_init_context failed
debug1: Trying Kerberos v4 authentication.
debug1: Doing challenge response authentication.
debug1: No challenge.
debug1: Doing password authentication.
creindk@c8mkes60's password:
debug1: Requesting pty.
debug1: Requesting shell.
debug1: Entering interactive session.
Last successful login for creindk: Tue Jan 4 14:29:12 CST6CDT 2005 on pts/ti
Last unsuccessful login for creindk: Tue Jan 4 14:31:16 CST6CDT 2005
Last login: Tue Jan 4 14:29:12 2005 from c8mkes34.cg.na.
(c)Copyright 1983-2000 Hewlett-Packard Co., All Rights Reserved.
(c)Copyright 1979, 1980, 1983, 1985-1993 The Regents of the Univ. of California
(c)Copyright 1980, 1984, 1986 Novell, Inc.
(c)Copyright 1986-1992 Sun Microsystems, Inc.
(c)Copyright 1985, 1986, 1988 Massachusetts Institute of Technology
(c)Copyright 1989-1993 The Open Software Foundation, Inc.
(c)Copyright 1986 Digital Equipment Corp.
(c)Copyright 1990 Motorola, Inc.
(c)Copyright 1990, 1991, 1992 Cornell University
(c)Copyright 1989-1991 The University of Maryland
(c)Copyright 1988 Carnegie Mellon University
(c)Copyright 1991-2000 Mentat Inc.
(c)Copyright 1996 Morning Star Technologies, Inc.
(c)Copyright 1996 Progressive Systems, Inc.
(c)Copyright 1991-2000 Isogon Corporation, All Rights Reserved.
RESTRICTED RIGHTS LEGEND
Use, duplication, or disclosure by the U.S. Government is subject to
restrictions as set forth in sub-paragraph (c)(1)(ii) of the Rights in
Technical Data and Computer Software clause in DFARS 252.227-7013.
Hewlett-Packard Company
3000 Hanover Street
Palo Alto, CA 94304 U.S.A.
Rights for non-DOD U.S. Government Departments and Agencies are as set
forth in FAR 52.227-19(c)(1,2).
@c8mkes60::creindk_ /home/creindk>
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-04-2005 03:13 PM
01-04-2005 03:13 PM
Re: secure shell ssh demands password eventhough I set up keys
Make sure your server supports public key authentication,
check the following directives are turned ON in sshd_config
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
Try
ssh -l username -o PreferredAuthentications=publickey hostname
if it results
Permission denied (password,keyboard-interactive).
Then it is sure that server has no support to public key authentication.
A detailed server debug messages will be helpfull for further analysis.
Note: Use /opt/ssh/src/ssh/contrib/ssh-copy-id to copy your keys to remote host. (can be executed by root only)
Hope this helps
--
M
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-05-2005 01:08 AM
01-05-2005 01:08 AM
Re: secure shell ssh demands password eventhough I set up keys
Here is a copy of the /opt/ssh/etc/ssh_config file that sits on the Server end (c8mkes60). Please note that I'm new to ssh and have entered an environment where it is believed connectivity works without password authentication.
To me it looks as though the majority of this file is commented out, which for all I know is normal.
@c8mkes60::creindk_ /home/creindk> cat /opt/ssh/etc/ssh_config
# $OpenBSD$
# This is the ssh client system-wide configuration file. See
# ssh_config(5) for more information. This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.
# Configuration data is parsed as follows:
# 1. command line options
# 2. user-specific file
# 3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.
# Site-wide defaults for various options
# Host *
# ForwardAgent no
# ForwardX11 no
# RhostsAuthentication no
# RhostsRSAAuthentication no
# RSAAuthentication yes
# PasswordAuthentication yes
# HostbasedAuthentication no
# BatchMode no
# CheckHostIP yes
# StrictHostKeyChecking ask
# IdentityFile ~/.ssh/identity
# IdentityFile ~/.ssh/id_rsa
# IdentityFile ~/.ssh/id_dsa
# Port 22
Protocol 2
# Cipher 3des
# Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
# EscapeChar ~
Question: If I were to add the directives you mentioned
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
Do I need to re-read the config into memory? Can I do this without stopping and starting the daemon?
I still get prompted for password using the PreferredAuthentications=publickey option
@c8mkes34::creindk_ /home/creindk> ssh -l creindk -o PreferredAuthentications=publickey c8mkes60
creindk@c8mkes60's password:
c8mkes34_#/opt/ssh/src/ssh/contrib/ssh-copy-id id_rsa.pub c8mkes60:/home/creindk/.ssh/id_rsa.pub
/opt/ssh/src/ssh/contrib/ssh-copy-id: ERROR: No identities found
c8mkes34_#
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-09-2005 04:06 PM
01-09-2005 04:06 PM
Re: secure shell ssh demands password eventhough I set up keys
The config directives belongs to the SSH server. Those config directives should be added to /opt/ssh/etc/sshd_config file of the remote server.
Once you changed a directive, you should restart the server, so that the changes take effect.
Following links may help you in setup the public key authentication
http://cfm.gs.washington.edu/security/ssh/client-pkauth/
http://snags.snu.ac.kr/~patria/ssh.html
http://snags.snu.ac.kr/~patria/ssh.html
Also try
man 5 sshd_config
man 5 ssh_config
man sshd
man ssh
All the best
--
M
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-10-2005 01:12 AM
01-10-2005 01:12 AM
Re: secure shell ssh demands password eventhough I set up keys
Thanks to all for your direction and help.
I do have some situations between servers where I connect without asking for a password. For instance,
ServerA and ServerB acting as clients don't work not matter what. Meaning I always get prompted for a password.
But,,,
There are other servers in our environment that are functioning as I'd expect. Meaning
ServerC and ServerD acting as clients connect to other servers without prompting for passwords.
For now, I'm going to close this thread. Ultimately I'll need to read more and compare config files.
Thanks again
Kirk
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-10-2005 01:13 AM
01-10-2005 01:13 AM
Re: secure shell ssh demands password eventhough I set up keys
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-16-2007 05:53 AM
02-16-2007 05:53 AM
Re: secure shell ssh demands password eventhough I set up keys
Set up a 'config' file in the .ssh dir. Change the 'id_rsa' to 'kirktest'.
regaldc@jms0en24 ~/.ssh$ cat config
# $OpenBSD: ssh_config,v 1.12 2002/01/16 17:55:33 stevesk Exp $
# This is the ssh client system-wide configuration file. See ssh(1)
# for more information. This file provides defaults for users, and
# the values can be changed in per-user configuration files or on the
# command line.
# The strategy used for options in the default sshd_config shipped with
# HP-UX Secure Shell is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.
# Configuration data is parsed as follows:
# 1. command line options
# 2. user-specific file
# 3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.
# Site-wide defaults for various options
# Host *
# ForwardAgent no
ForwardAgent yes
# ForwardX11 no
# RhostsAuthentication yes
# RhostsRSAAuthentication yes
# RSAAuthentication yes
# PasswordAuthentication yes
# PasswordAuthentication no
# FallBackToRsh no
# UseRsh no
# BatchMode no
# CheckHostIP yes
# StrictHostKeyChecking ask
# IdentityFile ~/.ssh/identity
# IdentityFile ~/.ssh/id_rsa
IdentityFile ~/.ssh/id_rsa
# IdentityFile ~/.ssh/id_dsa
# Port 22
#
# WARNING: enabling protocol 1 will cause HP-UX Secure Shell vulnerable
# to security attacks. It is strongly recommended NOT to enable protocol 1.
# Use "2,1" to notify ssh to use version 2 and fall back to version 1 if
# version 2 is not available. The default is "2".
#
Protocol 2
# Cipher 3des
# Cipher blowfish
# Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
# EscapeChar ~