- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - Linux
- >
- ssh ask for password
Operating System - Linux
1748284
Members
3515
Online
108761
Solutions
Forums
Categories
Company
Local Language
юдл
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
юдл
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Go to solution
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-26-2009 07:27 AM
тАО11-26-2009 07:27 AM
I have created a ssh key on two servers that need to ssh to each other to run commands..
I used ssh-keygen -t dsa on each server, then created the authorized_keys file with the files: id_dsa.pub that were generated on each server...
However when I ssh to the server via the login id for this user it still asks for a password...
This is that same process I used for the root user and it works fine...
I did an ssh infort1@cvoicch1, and the last few lines of the debug info are:
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
Unknown code krb5 195
debug1: Unspecified GSS failure. Minor code may provide more information
Unknown code krb5 195
debug1: Unspecified GSS failure. Minor code may provide more information
Unknown code krb5 195
debug2: we did not send a packet, disable method
debug1: Next authentication method: publickey
debug1: Trying private key: /osg1/home/infort1/.ssh/identity
debug1: Trying private key: /osg1/home/infort1/.ssh/id_rsa
debug1: Offering public key: /osg1/home/infort1/.ssh/id_dsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug2: we did not send a packet, disable method
debug1: Next authentication method: password
infort1@cvoicch1's password:
Any assistance would be appreciated...
I used ssh-keygen -t dsa on each server, then created the authorized_keys file with the files: id_dsa.pub that were generated on each server...
However when I ssh to the server via the login id for this user it still asks for a password...
This is that same process I used for the root user and it works fine...
I did an ssh infort1@cvoicch1, and the last few lines of the debug info are:
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
Unknown code krb5 195
debug1: Unspecified GSS failure. Minor code may provide more information
Unknown code krb5 195
debug1: Unspecified GSS failure. Minor code may provide more information
Unknown code krb5 195
debug2: we did not send a packet, disable method
debug1: Next authentication method: publickey
debug1: Trying private key: /osg1/home/infort1/.ssh/identity
debug1: Trying private key: /osg1/home/infort1/.ssh/id_rsa
debug1: Offering public key: /osg1/home/infort1/.ssh/id_dsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug2: we did not send a packet, disable method
debug1: Next authentication method: password
infort1@cvoicch1's password:
Any assistance would be appreciated...
Solved! Go to Solution.
3 REPLIES 3
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-26-2009 07:55 AM
тАО11-26-2009 07:55 AM
Re: ssh ask for password
> I have created a ssh key on two servers
> that need to ssh to each other to run
> commands..
Servers don't run commands, users do. Any
reason not to have one set of keys for this
user to be used on both systems? (One reason
might be that someone else owns one of them,
and you don't want your private key data to
fall into foreign hands.)
These are both GNU+Linux systems of some
kind, running some version on OpenSSH?
> I used ssh-keygen -t dsa on each server,
> then created the authorized_keys file with
> the files: id_dsa.pub that were generated
> on each server...
The key data generated on which server went
into the authorized_keys file on which
server?
> debug1: Next authentication method: publickey
Ok.
> debug1: Trying private key: /osg1/home/infort1/.ssh/identity
Does that file exist? (Contents?)
debug1: Trying private key: /osg1/home/infort1/.ssh/id_rsa
Does that file exist? (Contents?)
debug1: Offering public key: /osg1/home/infort1/.ssh/id_dsa
Shouldn't that be a _private_ key?
> debug1: Next authentication method: password
The server didn't approve of any of your
public key data.
A Forum search (including HP-UX) might find
a large number of similar threads, many of
which involved solutions to similar problems.
> that need to ssh to each other to run
> commands..
Servers don't run commands, users do. Any
reason not to have one set of keys for this
user to be used on both systems? (One reason
might be that someone else owns one of them,
and you don't want your private key data to
fall into foreign hands.)
These are both GNU+Linux systems of some
kind, running some version on OpenSSH?
> I used ssh-keygen -t dsa on each server,
> then created the authorized_keys file with
> the files: id_dsa.pub that were generated
> on each server...
The key data generated on which server went
into the authorized_keys file on which
server?
> debug1: Next authentication method: publickey
Ok.
> debug1: Trying private key: /osg1/home/infort1/.ssh/identity
Does that file exist? (Contents?)
debug1: Trying private key: /osg1/home/infort1/.ssh/id_rsa
Does that file exist? (Contents?)
debug1: Offering public key: /osg1/home/infort1/.ssh/id_dsa
Shouldn't that be a _private_ key?
> debug1: Next authentication method: password
The server didn't approve of any of your
public key data.
A Forum search (including HP-UX) might find
a large number of similar threads, many of
which involved solutions to similar problems.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-26-2009 11:16 AM
тАО11-26-2009 11:16 AM
Solution
A good reason for a problem like this is also the permissions on the home and the .ssh directories, and the id* files.
Ensure that these files and directories does not have write permissions for group or others.
Check also StrictModes.
http://blog.codefront.net/2007/02/28/debugging-ssh-public-key-authentication-problems/
Ensure that these files and directories does not have write permissions for group or others.
Check also StrictModes.
http://blog.codefront.net/2007/02/28/debugging-ssh-public-key-authentication-problems/
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-26-2009 03:58 PM
тАО11-26-2009 03:58 PM
Re: ssh ask for password
Thanks, found problem on the home directory permissions... Corrected that issue and ssh worked without prompting for password.
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
News and Events
Support
© Copyright 2024 Hewlett Packard Enterprise Development LP