FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 04-16-2008, 07:32 PM
Chris Geldenhuis
 
Default CONNECTING VIA SSH BETWEEN CENTOS 4 AND 5

Hi,

I am trying to set up an automatic connection between CentOS 4 system
(server) and a CentOS 5 DomU VM (client) via ssh to enable my to back up
development files on the server to the client with a cron process.


I generate they key pair without a pass phrase on the client and copy
the public key to the same user's .ssh directory on the server as
authorized_keys2.


When I try to ssh to the Server from the Client, I am still asked for
the user's password on the client.


If I do the same with CentOS 5 for both Client and Server, I can login
without providing a password.


The versions of ssh on the two systems are:

Client (CentOS 5): OpenSSH_4.3p2, OpenSSL 0.9.8b 04 May 2006

Server (CentOS 4): OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003

Does anyone on the list know whether these versions are compatible or
how to get them to work together without requiring a password.


It is not an option to change to CentOS5 on the server side as that
system is serving as a development system for a client running RedHat ES
4 and has to have the identical configuration and be binary compatible.


TIA

ChrisG
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-16-2008, 07:38 PM
"Daniel de Kok"
 
Default CONNECTING VIA SSH BETWEEN CENTOS 4 AND 5

On Wed, Apr 16, 2008 at 9:32 PM, Chris Geldenhuis
<chris.gelden@iafrica.com> wrote:
> I generate they key pair without a pass phrase on the client and copy the
> public key to the same user's .ssh directory on the server as
> authorized_keys2.

Why not 'authorized_keys'? 'authorized_keys2' has become deprecated
ever since SSH switched to version 2 of the protocol by default.

Take care,
Daniel

PS. You can use the '-v' flag to ssh to debug things better.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-16-2008, 07:44 PM
"Stephen John Smoogen"
 
Default CONNECTING VIA SSH BETWEEN CENTOS 4 AND 5

On Wed, Apr 16, 2008 at 1:32 PM, Chris Geldenhuis
<chris.gelden@iafrica.com> wrote:
> Hi,
>
> I am trying to set up an automatic connection between CentOS 4 system
> (server) and a CentOS 5 DomU VM (client) via ssh to enable my to back up
> development files on the server to the client with a cron process.
>
> I generate they key pair without a pass phrase on the client and copy the
> public key to the same user's .ssh directory on the server as
> authorized_keys2.
>
> When I try to ssh to the Server from the Client, I am still asked for the
> user's password on the client.
>
> If I do the same with CentOS 5 for both Client and Server, I can login
> without providing a password.
>
> The versions of ssh on the two systems are:
>
> Client (CentOS 5): OpenSSH_4.3p2, OpenSSL 0.9.8b 04 May 2006
>
> Server (CentOS 4): OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003
>
> Does anyone on the list know whether these versions are compatible or how
> to get them to work together without requiring a password.
>
> It is not an option to change to CentOS5 on the server side as that system
> is serving as a development system for a client running RedHat ES 4 and has
> to have the identical configuration and be binary compatible.

I know this works between the entire CentOS family. The main problems
I have seen are that the users home directory or .ssh permissions are
not secure enough for ssh to do its thing.

ssh -v -v -v will tell you more than you want on where it is having
problems.. but the quick fix I use are the following:

su - root
chown $user $user_homedir # fill in $user and $user_home correctly as
in dude and /nfs/home/d/dude
chmod 0750 $user_homedir
chown $user $user_homedir/.ssh
chmod 0700 $user_homedir/.ssh
chmod 0600 $user_homedir/.ssh/authorized_keys

If that doesn't fix the problem the -v -v -v will tel what else might
be the cause.



--
Stephen J Smoogen. -- CSIRT/Linux System Administrator
How far that little candle throws his beams! So shines a good deed
in a naughty world. = Shakespeare. "The Merchant of Venice"
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-16-2008, 08:59 PM
Chris Geldenhuis
 
Default CONNECTING VIA SSH BETWEEN CENTOS 4 AND 5

Stephen John Smoogen wrote:

On Wed, Apr 16, 2008 at 1:32 PM, Chris Geldenhuis
<chris.gelden@iafrica.com> wrote:


Hi,

I am trying to set up an automatic connection between CentOS 4 system
(server) and a CentOS 5 DomU VM (client) via ssh to enable my to back up
development files on the server to the client with a cron process.

I generate they key pair without a pass phrase on the client and copy the
public key to the same user's .ssh directory on the server as
authorized_keys2.

When I try to ssh to the Server from the Client, I am still asked for the
user's password on the client.

If I do the same with CentOS 5 for both Client and Server, I can login
without providing a password.

The versions of ssh on the two systems are:

Client (CentOS 5): OpenSSH_4.3p2, OpenSSL 0.9.8b 04 May 2006

Server (CentOS 4): OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003

Does anyone on the list know whether these versions are compatible or how
to get them to work together without requiring a password.

It is not an option to change to CentOS5 on the server side as that system
is serving as a development system for a client running RedHat ES 4 and has
to have the identical configuration and be binary compatible.



I know this works between the entire CentOS family. The main problems
I have seen are that the users home directory or .ssh permissions are
not secure enough for ssh to do its thing.

ssh -v -v -v will tell you more than you want on where it is having
problems.. but the quick fix I use are the following:

su - root
chown $user $user_homedir # fill in $user and $user_home correctly as
in dude and /nfs/home/d/dude
chmod 0750 $user_homedir
chown $user $user_homedir/.ssh
chmod 0700 $user_homedir/.ssh
chmod 0600 $user_homedir/.ssh/authorized_keys

If that doesn't fix the problem the -v -v -v will tel what else might
be the cause.




Thanks - changing the permissions fixed the problem . Thanks also to
Daniel for his suggestions.


ChrisG
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-16-2008, 09:46 PM
Ned Slider
 
Default CONNECTING VIA SSH BETWEEN CENTOS 4 AND 5

Chris Geldenhuis wrote:

Stephen John Smoogen wrote:

On Wed, Apr 16, 2008 at 1:32 PM, Chris Geldenhuis
<chris.gelden@iafrica.com> wrote:


Hi,

I am trying to set up an automatic connection between CentOS 4 system
(server) and a CentOS 5 DomU VM (client) via ssh to enable my to back up
development files on the server to the client with a cron process.

I generate they key pair without a pass phrase on the client and
copy the

public key to the same user's .ssh directory on the server as
authorized_keys2.

When I try to ssh to the Server from the Client, I am still asked
for the

user's password on the client.

If I do the same with CentOS 5 for both Client and Server, I can login
without providing a password.

The versions of ssh on the two systems are:

Client (CentOS 5): OpenSSH_4.3p2, OpenSSL 0.9.8b 04 May 2006

Server (CentOS 4): OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003

Does anyone on the list know whether these versions are compatible
or how

to get them to work together without requiring a password.

It is not an option to change to CentOS5 on the server side as that
system
is serving as a development system for a client running RedHat ES 4
and has

to have the identical configuration and be binary compatible.



I know this works between the entire CentOS family. The main problems
I have seen are that the users home directory or .ssh permissions are
not secure enough for ssh to do its thing.

ssh -v -v -v will tell you more than you want on where it is having
problems.. but the quick fix I use are the following:

su - root
chown $user $user_homedir # fill in $user and $user_home correctly as
in dude and /nfs/home/d/dude
chmod 0750 $user_homedir
chown $user $user_homedir/.ssh
chmod 0700 $user_homedir/.ssh
chmod 0600 $user_homedir/.ssh/authorized_keys

If that doesn't fix the problem the -v -v -v will tel what else might
be the cause.




Thanks - changing the permissions fixed the problem . Thanks also to
Daniel for his suggestions.




Yes, if StrictModes is set to yes in /etc/ssh/sshd_config (which is the
default), then the correct permissions *must* be set on ~/.ssh and
~/.ssh/authorized_keys.


It is also documented in the Wiki article here:

http://wiki.centos.org/HowTos/Network/SecuringSSH#head-9c5717fe7f9bb26332c9d67571200f8c1e4324bc

Regards,

Ned

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 07:19 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org