Passwordless SSH issue

I have a client that is requiring me to setup an ssh server that they can access with no password. I think I have configured everything properly however they are still being prompted for a password. When trying a loop back after generating local keys I am also being prompted for a pass. Can someone please lend some guidance as I am out of ideas.

I have attached a screenshot of my loopback debug log.

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

gt2847cSr. Security ConsultantCommented:
Did you set up the authorized_keys file in the users .ssh directory?
Jan SpringerCommented:
The users public key (from the remote machine) needs to be added to the authorized_keys or authorized_keys2 (whichever the sshd_config specifies) file of the local account.
gt2847cSr. Security ConsultantCommented:
Here's an article on configuring the authorized_keys file.  

The sshd_config file _jesper_ mentions is often located in /etc/ssh/  

Look for the line:

#AuthorizedKeysFile     .ssh/authorized_keys

The above is commented out, but shows the default that SSH looks for.  If that line is not commented out, then substitute the named file for authorized_keys

Experts Exchange Solution brought to you by ConnectWise

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
How do you know if your security is working?

Protecting your business doesn’t have to mean sifting through endless alerts and notifications. With WatchGuard Total Security Suite, you can feel confident that your business is secure, meaning you can get back to the things that have been sitting on your to-do list.

MRSAuthor Commented:
I have the public key in the users authorized_keys file and the permissions on .shh set to 700 and authorized_keys set to 640 but still no success. Is there something in the sshd_config that needs to be changed?
gt2847cSr. Security ConsultantCommented:
could you post the debug you mentioned in the original post?  that never got attached.
gt2847cSr. Security ConsultantCommented:
Also, did you check the permissions on the key files themselves?  Those too are checked.  Those should be 600 or 400.
MRSAuthor Commented:
I thought that adding the keys to authorized_keys did away with the requirement to keep the key? In fact I have seen many documents stating to remove them from the system
gt2847cSr. Security ConsultantCommented:
If they're gone, shouldn't be a problem other than you mentioned tried the login locally, so you would have to have the private key for that to work and not get prompted for the password.
Could be as simple as the way the user is connecting?

are they using:
ssh <ip address>

as opposed to:
ssh user@<ipaddress>
you can do it in simple method without password go to other server

you can run this command

 cat /root/.ssh/ | ssh b@B 'cat >> /root/.ssh/authorized_keys'
b@B's password: give the password

and go to command
# ssh b@b

you are log in without password
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.