Re: Can't login without password
From: Charles Howse (chowse@charter.net)
Date: 01/05/03
- Previous message: HarryS: "Re: Can't login without password"
- In reply to: Cylurian: "Re: Can't login without password"
- Next in thread: Bill Unruh: "Re: Can't login without password"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Charles Howse" <chowse@charter.net> Date: Sun, 5 Jan 2003 06:36:59 -0600
Finally!
The problem was the file ownership of authorized_keys.
It belonged to nfsnobody:nfsnobody. When I chowned it to root:root, it
works!
Thanks!
"Cylurian" <fsromero@hotmail.com> wrote in message
news:326151f6.0301050035.51376ffc@posting.google.com...
> "Charles Howse" <chowse@charter.net> wrote in message
news:<v1erbj7v7rorf7@corp.supernews.com>...
> > Hello Group,
> > Using Redhat 8.0, Ive got ssh working on 2 machines.
> > I've created the public key for each machine and placed each in the
> > ~/.ssh/known_hosts file on the other machine.
> > When I:
> > # ssh <remote machine>
> > I am prompted for the password.
> > I thought copying the public keys was supposed to do it?
> > How do I setup to login without providing a password?
>
> I assume that you are using Openssh. If so, this is what I did.
>
> First on the client machine go to the ~/.ssh folder. If there is no
> ~/.ssh folder don't worry just go to your home directory. Then type
> the command:
>
> ssh-keygen -t dsa
>
> Hit return everytime without putting anything. Two file will be
> created, id_dsa and id_dsa.pub. The id_dsa.pub is the key that the
> server needs. id_dsa.pub is the file you send to the server. Leave
> the id_dsa file alone.
>
> Make sure that there is a ~/.ssh folder in the server. You may do
> step one on the server to create a ~/.ssh folder (this will create the
> correct permission on the .ssh folder). To send the id_dsa.pub key
> from the client to the server, type (make sure you are at ~/.ssh):
>
> cat id_dsa.pub | ssh user@server.com "cat >> .ssh/authorized_keys"
>
> This will ask for the users' password. Now you should be able to ssh
> from the client to the server by typing:
>
> ssh user@server.com
>
> If it doesn't work then you might have two problems (or more). First
> the file you sent (authorized_keys) was corrutpted. To fix this you
> need to copy id_dsa.pub file on a floppy and rename it to
> authorized_keys to the server (at ~/.ssh. Or gzip the id_dsa.pub file
> and scp it to the server and rename it.
>
> The second problem is the permissions on the .ssh folder, home
> directory, or authorized_keys. I found out the hard way that if the
> permissions are not correct on the .ssh folder, the home folder or the
> authorized_keys file, ssh will not automatically authenticate without
> a password. If your home directory has a "group" that can write to
> the directory the might be one reason why the authentication without a
> password might not work. If you look at /etc/sshd_config you might
> find "StrictModes yes", this means that the home directory folder, the
> authorized_keys file or .ssh folder needs to have the correct
> permissions.
>
> Hope that helps.
- Next message: Eric Kershner: "Re: SSH port forwarding with multihomed W2K Server"
- Previous message: HarryS: "Re: Can't login without password"
- In reply to: Cylurian: "Re: Can't login without password"
- Next in thread: Bill Unruh: "Re: Can't login without password"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
