Re: SSH Athentification with public key

[Mikel Bauer <mikel@bridgeband.net>]

Please realize with a redhat 7.3 install, that "authorized_keys" is 
perfectly valid, and infact SHOULD be used as you would need to changed 
the default sshd_config file to point to the "authorized_keys2" file.

And it's required to append the contents of your public rsa key to the 
authrized_keys file (man ssh-keygen):

      $HOME/.ssh/id_rsa.pub
              Contains the protocol version 2 RSA public key for authentica-
              tion.  The contents of this file should be added to
              $HOME/.ssh/authorized_keys on all machines where the user 
wishes
              to log in using public key authentication.  There is no 
need to
              keep the contents of this file secret.

with redhat7.3, there should be no need for any identify files (identity 
or identity.pub).

Doing a verbose connection should help figure out what the problem is 
(ssh -v hostname).  This should show you step by step how it's trying to 
authenticate.


-- 
Mikel Bauer


Stephen Samuel wrote:
> Gerd Müller wrote:
> 
>> Hello,
>>
>> i want to update hourly a remote mirror-server with rsync via ssh. In 
>> order to enable the file-server to establish a ssh-session without 
>> password prompt, i created on file-server a keypair with ssh-keygen -t 
>> rsa (empty passphrase) and copied the public key (id_rsa.pub) to the 
>> /root/.ssh/authorized_keys File (on mirror-server). This file didn't 
>> exist before.
> 
> 
> Try:
>     cd .ssh
>     chmod og-w auth* . ..
>     mv authorized_keys authorized_keys2
> 
> The authorized_keys file must be owned and readable by root,
> (or owned and readable by the user that  is being authenticated for)
> The authorized_keys file, the .ssh directory and your home directory
> must ONLY be writable by the owner. They CANNOT be group-writable.
> 
> Matt Hemingway wrote:
>  > Could be a couple things:
>  >
>  > 1. When you copied the id_rsa.pub file, did you do a copy and paste 
> from an xterm window to an xterm window or did you sftp/scp/ftp the file 
> over?  I had a similar problem, where I had copied the contents from an 
> xterm window to an xterm window and instead of the lines wrapping at the 
> end of the window, line breaks were inserted. Each public key entry must 
> be one line.
>  >
>  > 2. Make sure the authorized_keys file is owned and readable by root.
>  >
>  > Also, try ssh -vvv root@mirror-server and see if you get any usefull 
> info.   strace can come in handy as well.
> 
> if you're using the DSA or RSA public keys. They should go into the
> authorized_keys2 file.
>                ^
> It's only identity.pub (the ssh1 public key file) who'se contents
> get coppied into authorized_keys
> 
>

-
To unsubscribe from this list: send the line "unsubscribe linux-admin" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html