Re: Non-interactive SSH Login.

From: ColoC (colocoloc@yahoo.com)
Date: 04/24/03 

From: colocoloc@yahoo.com (ColoC)
Date: 24 Apr 2003 04:48:43 -0700

"Alex" <alex.ferguson@NOSPAMdartmouth.edu> wrote in message news:<20030423151652.1729c7d4.alex.ferguson@NOSPAMdartmouth.edu>...
> On 23 Apr 2003 08:25:24 -0700
> colocoloc@yahoo.com (ColoC) wrote:
>
> > Hi, I have reviewed OpenSSH manpages ( SSH(1), SSH-KEYGEN(1),
> > SSH-AGENT(1), SSH-ADD(1), SSH_CONFIG(5) and SFTP(1) ), and I tried
> > many times myself for non-interactive SSH login.
> >
> > What I did is like:
> >
> > mysh> ssh-keygen -t rsa
> >
> > Then the id file is written to "~/mydir/id_rsa" , in which I set my
> > passphrase to be empty. Now I have my configuration file ("
> > ~/mydir/ssh_config" ) is as follows:
> >
> > BatchMode yes
> > IdentityFile ~/mydir/id_rsa
> > Protocol 2
> >
> > Then I tried:
> >
> > mysh> ssh -F ~/mydir/ssh_config myuser@127.0.0.1
> >
> > And I got the following output:
> >
> > Permission denied (publickey,password,keyboard-interactive).
> >
> > Does this mean that my admin has installed and configured the ssh
> > applications in such a way that only "
> > (publickey,password,keyboard-interactive) " is allowed? (I am sorry I
> > can't catch the admin, who is very busy.)
> >
> > And of course I tried:
> >
> > mysh> sftp -o 'IdentifyFile ~/mydir/id_rsa' myuser@127.0.0.1
> >
> > And I got the following output:
> >
> > myuser@127.0.0.1's passsword:
> >
> > which of course shows the failure of my non-interactive sftp.
> >
> > Can someone help me out of there?
> >
> > ColoC
>
> Did you remember to put your public key, probably called id_rsa.pub, in ~/.ssh/authorized_keys ? Also, things will generally work more smoothly if you move your ssh_config to ~/.ssh/config and your private key to ~/.ssh/id_rsa.
>
> --Alex

Thanks.

The "authorized_keys" file seems to be the point. However now my
questions are:

-- Should the "authorized_keys" file always have the same content as
that in the file "id_rsa.pub"? If so, why do I have to copy the file
to another name, while the file "id_rsa.pub" is readable to everyone?

-- If I have a ftp-only account (I don't even have a home directory,
can not even login the system via ssh -- only sftp or ftp is allowed),
how can I make my configurations as above? Do I have to seek for help
from the root? What if he can't build a commonly-shared
non-interactive configuration for that ftp-only user?

ColoC

Relevant Pages

  • Re: Administration Console on Server not Functioning
    ... Now that I have everything configured within this environment and ... I can view fine from the Admin UI on my desktop using the same ... > this so that I can see the configurations from the console again? ... It would really help if folks included all relevant product, ...
    (microsoft.public.sms.admin)
  • Administration Console on Server not Functioning
    ... Now that I have everything configured within this environment and ... server. ... I can view fine from the Admin UI on my desktop using the same ... this so that I can see the configurations from the console again? ...
    (microsoft.public.sms.setup)
  • Administration Console on Server not Functioning
    ... Now that I have everything configured within this environment and ... server. ... I can view fine from the Admin UI on my desktop using the same ... this so that I can see the configurations from the console again? ...
    (microsoft.public.sms.admin)
  • Re: Kerberos auth based on ticket
    ... Looking at the sshd and ssh configurations, ... both an ssh client and an ssh server that support GSSAPI authentication, ... keytab for the server, and GSSAPI authentication enabled. ...
    (comp.protocols.kerberos)
  • Re: An SSH X11Forwarding problem
    ... | ssh -X B ... I can open x application (such as xterm or eog...) well. ... an vith the same configurations (the default configuration ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx ...
    (Debian-User)