HPE GreenLake Administration
- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- SFTP authorized_keys - no supply password during s...
Operating System - HP-UX
1836484
Members
2451
Online
110101
Solutions
Forums
Categories
Company
Local Language
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Go to solution
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-12-2009 02:08 PM
01-12-2009 02:08 PM
Having difficulties setting up this one particular SFTP connection without supplying our password. The id_rsa.pub file has been generated and sent to several other sites - which works fine. I have tried several different permissions on the .ssh directory and authorized_keys file on the remote host. The users .ssh directory on the local host has 755 and the id_rsa permission is 600. On the remote host, there are two .ssh directories
- /.ssh (permissions 700)
- /.ssh/authorized_keys (600)
- /incoming/.ssh (permissions 700)
- /incoming/.ssh/authorized_keys (600)
I have tested with the /incoming/.ssh moved to another directory name - that has not helped either.
On our side - I have used the -vvv option and have attached one of the attempts to this message.
Any assistance with this would be greatly appreciated. Points will be assigned!
Thank-you for your assistance!
Dorothy
- /.ssh (permissions 700)
- /.ssh/authorized_keys (600)
- /incoming/.ssh (permissions 700)
- /incoming/.ssh/authorized_keys (600)
I have tested with the /incoming/.ssh moved to another directory name - that has not helped either.
On our side - I have used the -vvv option and have attached one of the attempts to this message.
Any assistance with this would be greatly appreciated. Points will be assigned!
Thank-you for your assistance!
Dorothy
Solved! Go to Solution.
4 REPLIES 4
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-12-2009 02:53 PM
01-12-2009 02:53 PM
Re: SFTP authorized_keys - no supply password during sftp
Shalom Dorothy,
http://www.hpux.ws/?p=10
Permissions are key. If ownership or permissions is off to any degree this will not work.
try ssh -vvv for diagnostic purposes.
SEP
http://www.hpux.ws/?p=10
Permissions are key. If ownership or permissions is off to any degree this will not work.
try ssh -vvv for diagnostic purposes.
SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-13-2009 05:51 AM
01-13-2009 05:51 AM
Re: SFTP authorized_keys - no supply password during sftp
Thank-you for the response. The attached document is from a SFTP with the -vvv option. So when there are two .ssh directories on the remote host - which one will it try to access for authentication? When I SFTP into the remote host - I am placed in the /incoming directory which has one of the .ssh directories. The directory above the "incoming" also has a .ssh directory.
Thanks,
Dorothy
Thanks,
Dorothy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-13-2009 06:17 AM
01-13-2009 06:17 AM
Solution
The correct location of the .ssh directory is determined by the sshd server configuration on the remote host. The default is $HOME/.ssh of the user. This can be changed, but it is very rare.
The fact that you can write to /.ssh (which is supposed to be the root directory of the system) indicates that the remote server is probably chrooted. The sysadmin of the remote site might have done other non-default configurations too: it is best to ask him/her.
The remote sysadmin can even disable key authentication entirely, if he/she wishes to do so. The "authentications that can continue" information in the debug output is not necessarily true. For example, if password authentication has been disabled from the server side, the client can still be offered a "password" authentication method; it just will never succeed.
The remote server will *not* tell you exactly why your connection attempt is denied. This is a security issue: until you've successfully authenticated yourself, "you" might be an intruder trying to find a way into the system. No reason to offer clues to an unknown person or malware which may be attempting an unauthorized entry, right? Instead, the reason for rejection is stored into the remote server's logs - if you are not an intruder, you can contact the remote sysadmin and troubleshoot the problem together with him/her.
MK
The fact that you can write to /.ssh (which is supposed to be the root directory of the system) indicates that the remote server is probably chrooted. The sysadmin of the remote site might have done other non-default configurations too: it is best to ask him/her.
The remote sysadmin can even disable key authentication entirely, if he/she wishes to do so. The "authentications that can continue" information in the debug output is not necessarily true. For example, if password authentication has been disabled from the server side, the client can still be offered a "password" authentication method; it just will never succeed.
The remote server will *not* tell you exactly why your connection attempt is denied. This is a security issue: until you've successfully authenticated yourself, "you" might be an intruder trying to find a way into the system. No reason to offer clues to an unknown person or malware which may be attempting an unauthorized entry, right? Instead, the reason for rejection is stored into the remote server's logs - if you are not an intruder, you can contact the remote sysadmin and troubleshoot the problem together with him/her.
MK
MK
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-13-2009 09:46 AM
01-13-2009 09:46 AM
Re: SFTP authorized_keys - no supply password during sftp
Changed the /incoming directory to have the permissions of 700. One of the .ssh directories is located under this subdirectory. Once I changed the permissions on the incoming directory - the authentication worked!
Thanks to all, for your assistance!
Dorothy
Thanks to all, for your assistance!
Dorothy
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
Company
Events and news
Customer resources
© Copyright 2025 Hewlett Packard Enterprise Development LP