HPE Community
Operating System - HP-UX
1833778 Members
2510 Online
110063 Solutions
New Discussion

Re: ssh login

 
Cliff Lim Kok Hwee
Regular Advisor

‎10-26-2005 01:34 AM

‎10-26-2005 01:34 AM

ssh login

Gd Day Forum,

I just setup a HP-UX 11i serverC into an existing environment where currently all servers are login using ssh from a centralise serverA as follows without being prompted root login password.

serverA#> ssh serverB

Can anyone advise what entries need to be added into serverB to allow this access?

Thanks/cliff
0 Kudos
Reply
6 REPLIES 6
Ranjith_5
Honored Contributor

‎10-26-2005 01:54 AM

‎10-26-2005 01:54 AM

Re: ssh login

Hi,

You have to create create $HOME/.ssh/authorized_keys to make this happen.


there are many threads already there on the same subject. See

http://www2.itrc.hp.com/service/james/search.do?searchtext=ssh+without+password&hpl=1&todo=search&searchcriteria=allwords&from=forums&searchcategory=ALL&rn=25&presort=rank&source=7000&esc=us.support.itrc.hp.com&wpa=forums1.itrc.hp.com%3A80&origin=0&chkServStor=on


Regards,
Syam
0 Kudos
Reply
Alzhy
Honored Contributor

‎10-26-2005 01:56 AM

‎10-26-2005 01:56 AM

Re: ssh login

Simply copy (permissions set as well) serverB's ~/.ssh/authorized_keys* to serverC's ~/.ssh directory.
Hakuna Matata.
0 Kudos
Reply
Mel Burslan
Honored Contributor

‎10-26-2005 02:08 AM

‎10-26-2005 02:08 AM

Re: ssh login

You need to create a public/private key pair on server B and append the public portion of this key to serverA's $USERNAME/.ssh/authorized_keys file.

or

if you do not want to mess with creating and massaging key pairs, go to another system let's say serverC, which trusts serverA, goto same user's home directory
cd .ssh
grep serverA authorized_keys

copy this key (make sure it is copied without any line breaks)

then

go to serverB and go to the same user's home directory
if you do not have a .ssh directory, create it otherwise

cd .ssh
cat >> authorized_keys

paste the copied key in the buffer

hit ctrl-D

make sure your authorized keys ownership is right and owned by the username and its default group and permissions is no looser than 640.

you should be good to go.

at your first attempt you will be asked to confirm the identity of serverB from serverA but after that, there are no questions asked.
________________________________
UNIX because I majored in cryptology...
0 Kudos
Reply
Bharat Katkar
Honored Contributor

‎10-26-2005 02:33 AM

‎10-26-2005 02:33 AM

Re: ssh login

Hi,
Say you have to set ssh between server C and A then:

On server C:
1. # ssh A
When it asks for password just use to break and get the prompt back.
This will create /.ssh directory in server C.
2. # ssh-keygen -d
DO NOT PUT ANY PASSPHRASE (just provide blank ENTERs)
Verify that id_dsa.pub file is created in /.ssh directory. This is your public key. You need to distribute it to other machines like here server A.

Copy or ftp this file id_dsa.pub to server A say in /tmp directory

Then on server A:
3. # cat /tmp/id_dsa.pub >> /.ssh/authorized_keys

Now you can do login to server C from server A without being prompted for password.

e.g.
On server A
# ssh C
This will give you root login of server C.

Hope that helps.
Regards,
You need to know a lot to actually know how little you know
0 Kudos
Reply
Cliff Lim Kok Hwee
Regular Advisor

‎10-26-2005 02:40 AM

‎10-26-2005 02:40 AM

Re: ssh login

Thanks for the replies!

I tried copying directly the /root/home/root/.ssh/authorized_keys from trusted serverA over to serverC but when i issue the command

serverA> ssh serverC or ip address
NOTHING JUST HUNG THERE.

thanks/cliff
0 Kudos
Reply
Alzhy
Honored Contributor

‎10-26-2005 02:42 AM

‎10-26-2005 02:42 AM

Re: ssh login

On ServerC .. are you sure you have your sshd setup right?


Try running a debug ssh session to ServerC..


ssh -vvv serverC (not sure of syntax...)

Hakuna Matata.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.