FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 11-15-2010, 05:29 PM
John Kennedy
 
Default SSH keys question

All,I have 3 servers. All 3 are CentOS 5.5. All 3 have identical /etc/ssh/sshd_config files. I used ssh-keygen (with no arguments) to generate keys with no password. I then added all 3 id_rsa.pub keys to the authorized_keys file.

With this set up, I should be able to ssh between all 3 boxes without needing a password. The problem is that one of the servers keeps asking for a password even with the keys set up.*
servera --> serverb * No password

serverb --> servera * No passwordservera --> serverc * Passwordserverc --> servera * No passwordserverb --> serverc * Passwordserverc --> serverb * No password


If they are all identical from an ssh standpoint (at least the authorized_keys, /etc/sshd_config, and UID for the user on all 3 hosts), why will serverc not play nicely with the other 2> Is there something else I should be checking?


Thanks,John
--
*John Kennedy



_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 11-15-2010, 05:36 PM
cliff here
 
Default SSH keys question

You should check the perms on the dirs, ssh will not allow it use the keys if they are too permissive. So I would check starting at /home

On Mon, Nov 15, 2010 at 1:29 PM, John Kennedy <skebi69@gmail.com> wrote:

All,I have 3 servers. All 3 are CentOS 5.5. All 3 have identical /etc/ssh/sshd_config files. I used ssh-keygen (with no arguments) to generate keys with no password. I then added all 3 id_rsa.pub keys to the authorized_keys file.


With this set up, I should be able to ssh between all 3 boxes without needing a password. The problem is that one of the servers keeps asking for a password even with the keys set up.*
servera --> serverb * No password


serverb --> servera * No passwordservera --> serverc * Passwordserverc --> servera * No passwordserverb --> serverc * Passwordserverc --> serverb * No password



If they are all identical from an ssh standpoint (at least the authorized_keys, /etc/sshd_config, and UID for the user on all 3 hosts), why will serverc not play nicely with the other 2> Is there something else I should be checking?



Thanks,John
--
*John Kennedy




_______________________________________________

CentOS mailing list

CentOS@centos.org

http://lists.centos.org/mailman/listinfo/centos




--
-------------------------------------------------------------------------------------------------------------------------------------
NOTICE: This message, including all attachments, is intended for the use of the individual or entity to which it is addressed and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, or the employee or agent responsible for delivering this message to its intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the sender immediately by replying "Received in error" and immediately delete this message and all its attachments.

-------------------------------------------------------------------------------------------------------------------------------------

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 11-15-2010, 05:45 PM
Paul Heinlein
 
Default SSH keys question

On Mon, 15 Nov 2010, cliff here wrote:

> You should check the perms on the dirs, ssh will not allow it use
> the keys if they are too permissive. So I would check starting at
> /home

This is the most likely cause; I'd check there too.

If not,

1. Ensure the file hash is the same (e.g., no extraneous whitespace
in the middle of the key)
2. sshd is usually pretty good about writing errors to syslog.

--
Paul Heinlein <> heinlein@madboa.com <> http://www.madboa.com/
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 11-15-2010, 05:50 PM
cliff here
 
Default SSH keys question

I do believe the perms need to be at 700 for the ./ssh dir and 640 for the actual key files contained.

On Mon, Nov 15, 2010 at 1:45 PM, Paul Heinlein <heinlein@madboa.com> wrote:

On Mon, 15 Nov 2010, cliff here wrote:



> You should check the perms on the dirs, ssh will not allow it use

> the keys if they are too permissive. So I would check starting at

> /home



This is the most likely cause; I'd check there too.



If not,



*1. Ensure the file hash is the same (e.g., no extraneous whitespace

* * in the middle of the key)

*2. sshd is usually pretty good about writing errors to syslog.



--

Paul Heinlein <> heinlein@madboa.com <> http://www.madboa.com/

_______________________________________________

CentOS mailing list

CentOS@centos.org

http://lists.centos.org/mailman/listinfo/centos



--
-------------------------------------------------------------------------------------------------------------------------------------
NOTICE: This message, including all attachments, is intended for the use of the individual or entity to which it is addressed and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, or the employee or agent responsible for delivering this message to its intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the sender immediately by replying "Received in error" and immediately delete this message and all its attachments.

-------------------------------------------------------------------------------------------------------------------------------------

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 12:04 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org