Re: Passwordless ssh, "once and for all"...

From: Bobby Patel (anup_patel@rogers.com)
Date: 12/13/02

    From: "Bobby Patel" <anup_patel@rogers.com>
    To: "Mike Sowka" <msowka@doe.carleton.ca>
    Date: Thu, 12 Dec 2002 21:29:43 -0500
    
    

    Steps:
    0. "rm -r .ssh" directories on Machine Master and Machine 1
    1. Create keys "ssh-keygen -t rsa" on Machine Master (accept defaults, and
    don't enter passphrase)
    2. Create keys "ssh-keygen -t rsa" on Machine 1 (the lazy way to create .ssh
    directory)
    3a. copy id_rsa.pub to authorized_keys2 (if authorized_keys2 doesn't exist
    create it) file on Machine 1.
    3b. open up authorized_keys2 file in pico and make sure the public key is
    all one line long
    4. chmod 600 (or try 644) authorized_keys2 file.
    5. ssh in "ssh machine1@123.123.123.123"
    6. accept RSA fingerprint of machine 1, ---this is what should go into
    known_hosts(2) file

    This should give Master----> Machine 1

    Hints/Notes:
    - make sure all folders leading up to the .ssh directory are NOT world/other
    writable OR world/other doesn't have a sticky bit.
    - When creating keys for passwordless access, create keys with no passphrase
    (just press enter)
    - that being said, IF the above doesn't work, try creating keys with
    passphrase and try ssh'ing into Machine 1 and hopefully that gives a
    passphrase prompt
    - Once you get passphrase prompts create empty passphrase keys and try the
    above steps again.
    - If that still doesn't work create an authorized_keys file (instead of
    "authorized_keys2") (chmod 600 or 644 again)

    I hope this helps

    ----- Original Message -----
    From: "Mike Sowka" <msowka@doe.carleton.ca>
    To: <secureshell@securityfocus.com>
    Sent: Wednesday, December 11, 2002 4:49 PM
    Subject: Passwordless ssh, "once and for all"...

    > Hello,
    > Number one, I have to admit that openssh has always been a bit of a
    > "black magic" to me. The everyday stuff is a breeze (ssh scp), but I've
    > had hell of a time setting up passwordless ssh for a little MPI cluster
    > I have running here at school.
    > I got the darned thing running about a year ago, having tried various
    > methods, I finally STUMBLED on a working setup... unfortunately a hasty
    > rm -rf .ssh here and there really messed things up.
    > I've now decided I should learn how to get openssh-3.1p1 setup for
    > passwordless ssh the right way, and in such a way that I know what's
    > going on and can properly maintain my cluster.
    > Please note that I've been RTFMing for the past 5 hours... and am on the
    > verge of my nerves (hence the babbling on in my post).
    >
    > WHAT I NEED: passwordless login for ALL users from "master" to all
    > "nodes" 1-14...
    >
    > WHAT I'M TRYING TO DO: I've worked on the one "master" to see if I can
    > get pswd'less ssh on there first...
    > -sshd creates the keys.
    > -I take /etc/ssh/ssh_host_key.pub and copy it into
    > /etc/ssh/ssh_known_hosts with "master" prepended
    > -create /etc/hosts.equiv AND /etc/ssh/hosts.equiv with "master" listed
    >
    > QUESTION: Why the HECK does it keep asking me for a password to
    > login???? Should I use protocol I ? And if so how do I enable it ( I
    > have tried, and it would still insist on a password)
    >
    > Any suggestion and/or help ARE MUCH APPRECIATED.
    > THANK YOU,
    > Mike
    >
    > --
    > Mike Sowka <msowka@doe.carleton.ca>
    >
    >
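
The two checks from the reply above that most often explain a lingering password prompt, the permissions on the directories leading to the key file (the first hint) and a public key that got wrapped across lines (step 3b), can be scripted. This is an added example, not part of the original messages; the function names are hypothetical, and it assumes sshd's StrictModes behaviour of rejecting paths that are writable by group or other.

```shell
#!/bin/sh
# Added example: audit one home directory for the issues named in the
# steps and hints above. Usage: audit_ssh_home /home/alice

# Succeeds if group or other has write permission on the path
# (characters 6 and 9 of the "ls -ld" mode string).
loose_perms() {
    mode=$(ls -ld "$1" | cut -c1-10)
    case "$mode" in
        ?????w????|????????w?) return 0 ;;
    esac
    return 1
}

# Prints how many lines of an authorized_keys file are not one complete
# entry, i.e. lack a key-type field directly followed by a base64 blob.
# A key wrapped by an editor leaves continuation lines that fail this.
broken_key_lines() {
    awk '
        /^[ \t]*(#|$)/ { next }            # skip comments and blank lines
        {
            ok = 0
            for (i = 1; i < NF; i++)
                if ($i ~ /^(ssh-(rsa|dss|ed25519)|ecdsa-sha2-[a-z0-9]+)$/ &&
                    $(i + 1) ~ "^AAAA[A-Za-z0-9+/]+=*$") ok = 1
            if (!ok) bad++
        }
        END { print bad + 0 }' "$1"
}

# Prints one line per finding; returns 1 if anything was found.
audit_ssh_home() {
    home=$1; status=0
    for p in "$home" "$home/.ssh" \
             "$home/.ssh/authorized_keys" "$home/.ssh/authorized_keys2"; do
        [ -e "$p" ] || continue
        if loose_perms "$p"; then
            echo "writable by group/other: $p"; status=1
        fi
    done
    for f in "$home/.ssh/authorized_keys" "$home/.ssh/authorized_keys2"; do
        [ -f "$f" ] || continue
        n=$(broken_key_lines "$f")
        if [ "$n" -gt 0 ]; then
            echo "$n line(s) in $f are not a complete key (wrapped?)"; status=1
        fi
    done
    return $status
}
```

Run it on the target machine (Machine 1 in the steps above) against the account being logged into; no output and a zero exit status mean neither problem is present.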


