[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re: Passwordless login with SSH
- From: "Mikkel L. Ellertson" <mikkel Infinity-ltd com>
- To: <redhat-list redhat com>
- Subject: Re: Passwordless login with SSH
- Date: Wed, 1 Aug 2001 11:41:28 -0500 (CDT)
On Wed, 1 Aug 2001 Rebecca R Hepper seagate com wrote:
> Hey All,
>
> I am trying to do a passwordless login using SSH. My ultimate goal is to
> write a script that will login to computers so I can remove old RPMS,
> install new RPMS and start a couple daemons. I have many, many computers
> without CDs or floppies which is why I want a script to allow me to do this
> remotely.
>
> I took my best stab at setting SSH up, but I haven't been able to login
> without a password. I always get prompted for the password. Here are the
> steps I took to setup my machines:
>
> I am using Redhat 7.1 and the latest rpms for openssh, openssh-clients and
> openssh-server
>
> ON THE HOST:
> #as root, generate random key and leave passphrase empty, creates two files
> /etc/ssh/ssh_host_key and ssh_host_key.pub
> ssh-keygen -f /etc/ssh/ssh_host_key
>
> #edit /etc/ssh/sshd_config if necessary, I left mine as it was
>
> #chmod on files
> chown -R root:root /etc/ssh
> chmod 755 /etc/ssh
> chmod 600 /etc/ssh/ssh_host_key
> chmod 644 /etc/ssh/ssh_host_key.pub
> chmod 644 /etc/ssh/sshd_config
>
> #run the sshd daemon
> /usr/sbin/sshd
>
> On the CLIENT:
> #edit /etc/ssh/sshd_config if necessary, I left mine as it was
>
> #as user, generate user keys -- /home/username/.ssh/identity and
> identity.pub
> ssh-keygen
>
> cp /home/username/.ssh/identity.pub from the client onto host and place it
> in /home/username/.ssh/authorized_keys
> chmod 600 /home/username/.ssh/authorized_keys
>
> Does anyone have any thoughts on what I have done wrong or how I can get
> around having to input a pasword?
>
> Thanks for the help in advance!
>
>
I think you are doing the keys backwards. What you need to do is copy
the identity.pub file of the user that will be running the ssh command
to /home/username/.ssh/authorized_keys on the machine you want to log
into. (You can have more the one key in authorized_keys.) You can then
run "ssh client-machine -l username" to log in without a password. You
only need the -l username if the names are not the same on both
machines.
One other thing - if you are useing ssh and not openssh, you may need to
use authorized_keys2, depending on the type of key you generated.
Double check the ssh man pages - I may have the name wrong. (The
coffee isn't done yet!)
I use this often with openssh to log in as root on remote machines from
my normal user account on my workstation.
Mikkel
--
Do not meddle in the affairs of dragons,
for you are crunchy and taste good with ketchup.
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]