[SOLVED] Ssh authentication using public key not working!
Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hello everyone!
I am trying to access a server using ssh public keys without entering a password, but not getting success. Here is situation: Local machine:
Hostname: saturn.org.com, usrename: jack Remote machine:
Hostname: mars.org.com, username: root What I did:
1. Logged in on saturn.org.com as user jack and generated ssh public keys using "ssh-keygen -t rsa"
2. Left password prompt blank when it asked to enter a password (I just pressed enter key)
3. Appended the encrypted public key generate (i.e. content of ~/.ssh/id_rsa.pub) from saturn.org.com into root user's .ssh/authorized_keys file on mars.org.com
4. As final step, from my local machine i.e. saturn.org.com (logged in a jack) I invoked "ssh root@mars.org.com" command to connect to saturn as root without entering a password.
But it's again & again prompts me to enter root's password. So could anybody suggest that where I am making a mistake?
###### DIRECTIONS FOR CREATING RSA KEY################
Directions for creating the rsa key and making the two
servers talk to each other without password.
1st change directory into .ssh and check what files are there.
[rx30@rx30 ~]$ cd .ssh
[rx30@rx30 .ssh]$ ls -l
total 4
-rw-r--r-- 1 rx30 group 2980 Jun 13 12:02 known_hosts
2nd create the rsa key.
[rx30@rx30 .ssh]$ ssh-keygen -t rsa -b 4096
Generating public/private rsa key pair.
Enter file in which to save the key (/usr/rx30/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /usr/rx30/.ssh/id_rsa.
Your public key has been saved in /usr/rx30/.ssh/id_rsa.pub.
The key fingerprint is:
cb:b0:40:c6:e9:f4:9e:f5:71:fc:c3:00:c0:f7:c6:75 rx30@rx30.localdomain
3rd check that there are two new files with the following permissions
[rx30@rx30 .ssh]$ ls -l
total 12
-rw------- 1 rx30 group 3243 Jun 22 15:50 id_rsa
-rw-r--r-- 1 rx30 group 743 Jun 22 15:50 id_rsa.pub
-rw-r--r-- 1 rx30 group 2980 Jun 13 12:02 known_hosts
4th change directory back to the users $HOME
[rx30@rx30 .ssh]$ cd
5th copy the key to the remote server
[rx30@rx30 ~]$ ssh-copy-id -i ~/.ssh/id_rsa.pub rx30@XXX.XXX.XXX.XXX
25
rx30@XXX.XXX.XXX.XXX's password:
Now try logging into the machine, with "ssh 'rx30@XXX.XXX.XXX.XXX'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
6th, follow directions on the screen.
[rx30@rx30 ~]$ ssh rx30@XXX.XXX.XXX.XXX
Last login: Fri Jun 22 14:12:08 2012 from 10.10.4.77
[rx30@rx30 ~]$ exit
logout
Connection to XXX.XXX.XXX.XXX closed.
3. Appended the encrypted public key generate (i.e. content of ~/.ssh/id_rsa.pub) from saturn.org.com into root user's .ssh/authorized_keys file on mars.org.com
4.You have to copy root users mars.org.com id_rsa.pub key to known_hosts of local machine saturn.org.com
5.You have to enable following parameter in sshd_config to accept key attentication
vi /etc/ssh/sshd_config
PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys
6.Check out the permission of .ssh,keys,authorized-keys file these may also cause for ssh attentication failure.
It is likely sshd_config on mars does not have "PermitRootLogin yes" enabled .. you would need that to perform logins directly as root. I advise against this - log in as an individual user's account and become root when necessary with sudo or su.
I will accept 4 point is inaccurate if the user generate passwordless attentication for normal user .But the user scenerio he has been generating passwordless attentication for his root directory .I dont think what i have posted his wrong if he trying to create passwordless login for his root directory.
4.You have to copy root users mars.org.com id_rsa.pub key to known_hosts of local machine saturn.org.com
@linosaurusroot,
Can you explain what wrong with 5 point i have posted .I dont think without enabling the PubkeyAuthentication yes passwordless key login never seems to work.
5.You have to enable following parameter in sshd_config to accept key attentication
vi /etc/ssh/sshd_config
PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys
Last edited by jsaravana87; 11-03-2012 at 06:23 AM.
Point 4 confused 32 different kinds of keys - host keys (as in known_hosts) and user keys (as in id_rsa.pub).
Point 5 overlooks that in /etc/ssh/sshd_config
PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys
are the defaults and do not need to be uncommented unless you mean to change them.
For complete procedure, please follow my blog here.
Thanks for posting the solution.
I'd like to know, how can i login to remote machine as root being a normal user on local machine ?
i.e i'd like to login as root on mars from being a jack on saturn.
Will that work if we copy the ssh public key of jack to the /root/.ssh/authorized_keys file on mars?
That will allow the root user from saturn to login as root into mars.
What i need is .. being jack on saturn..i want to login as root into mars.
Will it work if i add jack ssh public key(Which is generated on mars)to the /root/.ssh/authorizes_keys(Which is residing in root home directory) on mars?
---------- Post added 03-08-13 at 10:31 AM ----------
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.