Re: Passwordless ssh, problems with passphrase on the server side.

From: Darren Dunham (ddunham_at_redwood.taos.com)
Date: 08/16/05


Date: Mon, 15 Aug 2005 22:28:55 GMT

dylanthomasfan <Sonny.Rajagopalan@gmail.com> wrote:
> I am trying to set up a passwordless user login between two of my
> computers, A, the server and B the client, both of which run Linux. A
> runs mandrake 10.0 (2.6.3-7) and B runs Gentoo 2.6.11. A runs
> OpenSSH_3.9p1, OpenSSL 0.9.7c 30 Sep 2003 and B runs OpenSSH_3.9p1,
> OpenSSL 0.9.7e 25 Oct 2004.

> I am having a problem adding the key at the server side. Here's what I
> have already accomplished:

> (a) Created a key pair using ssh-keygen -t dsa on B using a passphrase.
> (b) cat'ted the *.pub file into A in the user account's
> ~/.ssh/authorized_keys2.

Unless you have a very old version, .ssh/authorized_keys is the proper
location. You don't have to use *2 any longer.

> (c) logged into A

Via ssh? Using your recent key?

> (b) [myusername@A~ ] ssh-agent bash

Why are you doing that on 'A'?

> But when I try
> [myusername@A~ ] ssh-add .ssh/authorized_keys2

> on the server A, something I don't understand happens. It asks me for a
> passphrase, and when I enter the passphrase which I used in step (a)
> above, it says it is a bad passphrase.

authorized_keys contains a public key (since you just copied it). It's
not protected by a passphrase, and it can't be added to an agent.

You use the agent on B (if you want) to manage your private key
passphrases, not to manage anything about public keys.

> [myusername@A~ ]>ssh-add .ssh/authorized_keys2
> Enter passphrase for .ssh/authorized_keys2:
> Bad passphrase, try again for .ssh/authorized_keys2:

> Which goes on even though I enter the right passphrase. What is going
> on?

I'm not sure why you're trying to manage a public key this way...

-- 
Darren Dunham                                           ddunham@taos.com
Senior Technical Consultant         TAOS            http://www.taos.com/
Got some Dr Pepper?                           San Francisco, CA bay area
         < This line left intentionally blank to confuse you. >
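
An added example, not part of the original thread: the reply's distinction between the passphrase-protected private key (loaded into the agent on B) and the public key stored in authorized_keys on A, written as a shell check that classifies a key file before it is handed to ssh-add. The function names and the sample files are assumptions constructed for this illustration.

```shell
#!/bin/sh
# Added example: tell private key files from public key files.

# Prints "private", "public" or "unknown" for the file given as $1.
classify_key_file() {
    # Private keys are PEM-style blocks; the passphrase protects this file.
    if grep -Eq '^-----BEGIN ([A-Z0-9]+ )*PRIVATE KEY-----' "$1"; then
        echo private
    # Public key lines (*.pub, authorized_keys): "[options] type base64 [comment]".
    # The base64 blob starts with "AAAA" because it opens with a length prefix.
    elif grep -Eq '(^|[[:space:]])(ssh-(dss|rsa|ed25519)|ecdsa-sha2-[a-z0-9-]+)[[:space:]]+AAAA' "$1"; then
        echo public
    else
        echo unknown
    fi
}

# Succeeds only for files that ssh-add can load into an agent.
agent_loadable() {
    [ "$(classify_key_file "$1")" = private ]
}

# Constructed sample files (placeholders, no real key material).
make_samples() {
    SAMPLE_DIR=$(mktemp -d)
    printf '%s\n' '-----BEGIN DSA PRIVATE KEY-----' 'Proc-Type: 4,ENCRYPTED' \
        'CONSTRUCTED-PLACEHOLDER-NOT-A-REAL-KEY' '-----END DSA PRIVATE KEY-----' \
        > "$SAMPLE_DIR/id_dsa"
    printf '%s\n' 'ssh-dss AAAAB3NzaC1kc3MAAACBAconstructed myusername@B' \
        > "$SAMPLE_DIR/id_dsa.pub"
    printf '%s\n' '# keys allowed to log in as this user' \
        'from="B" ssh-dss AAAAB3NzaC1kc3MAAACBAconstructed myusername@B' \
        > "$SAMPLE_DIR/authorized_keys"
}

make_samples
for f in id_dsa id_dsa.pub authorized_keys; do
    if agent_loadable "$SAMPLE_DIR/$f"; then
        echo "$f: private key, load it on client B with ssh-add"
    else
        echo "$f: $(classify_key_file "$SAMPLE_DIR/$f") key, nothing for ssh-add to unlock"
    fi
done
```

Only the first file is something an agent can hold; the other two carry no passphrase, which is why ssh-add keeps rejecting whatever is typed at its prompt.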

