Solved

cannot rsh to linux using public key

Posted on 2012-04-04
5
586 Views
Last Modified: 2012-06-27
I'm reposting this because apparently my problem is not solved.

I have 2 linux computers. I am trying to ssh from one to the other w/o passwords. I can ssh from computer A to computer C, but not from A to B. I can't see where the difference is. On computer A,  I ran ssh-keygen which created ~/.ssh/id_rsa.pub.

I copied the contents of that id_rsa.pub file. Then, logged into computer B and appended the contents of A's id_rsa.pub to B's ~/.ssh/authorized_keys. I did the same with computer C.

When ssh'ing from A to C I get logged in, no password prompt. When ssh'ing from A to B it prompts me for a password. What am I doing wrong?
0
Comment
Question by:jmarkfoley
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 7

Expert Comment

by:torakeshb
ID: 37809660
There is no way.  I think you could have copied the wrong key file to server B..

"When ssh'ing from A to B it prompts me for a password." --> Are you able to get it when you give the password.
0
 
LVL 3

Expert Comment

by:gnemi
ID: 37809696
The public key goes to the server receiving the connection. The private key stays on the client.

The public key needs to be pasted into authorized_keys on the server. Private keys should be in the .ssh folder of the user you are connecting with.
0
 
LVL 12

Accepted Solution

by:
larsrohr earned 400 total points
ID: 37809780
So far, it seems you've taken the right steps.
A common issue is that of file permissions.  ssh won't honor your authorized_keys file if permissions on it or on ~/.ssh are too loose.  So a good place to start is with:
 chmod 700 ~/.ssh
 chmod 600 ~/.ssh/authorized_keys

It could also be that the sshd_config on B is different, not allowing public key authorization.  This isn't very likely, I'd say, but it may be worth comparing sshd_config on B versus C (often this is at /etc/ssh/sshd_config).

For a bit more clarity on the problem, assuming the above doesn't help, please try ssh'ing verbosely.  The output may be illuminating, if you can share it here.
 ssh -vvv username@Bmachine
0
 
LVL 2

Assisted Solution

by:bandris
bandris earned 100 total points
ID: 37810737
The most likely problem is the ownership or mode on
1. authorized_keys file or
2. .ssh directory

If you use ssh-copy-id to put you public key on remote computers you will not mess up the rights accidentally.
0
 
LVL 1

Author Closing Comment

by:jmarkfoley
ID: 37812275
Changing the permissions on the authorized_keys worked! I can't believe that didn't occur to me, but it was late. Bandris, great tip on the ssh-copy-id program. I didn't even know it existed.
Thanks
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
Fine Tune your automatic Updates for Ubuntu / Debian
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question