Page 1 of 1

Help with SSH keys.

Posted: Tue May 22, 2007 4:47 pm
by impulse()
I want to setup a box so that I can ssh to it from a certain other box and I'm taken straight into the box without any request for a password. I have followed several different tutorials to do this using SSH keys but none seems to have any affect on the standard login process.

Hopefully somebody has been through this process before and can show me where I'm going wrong. I'll show exactly what I've done.


As root in /root directory:

ssh-keygen -t rsa
scp -p ~/.ssh/authorized_keys Box B:.ssh/


On other server:

chmod 600 /root/.ssh
chmod 700 /root/.ssh/authorised_keys


And then I run 'ssh -i <key file> <server>' and it still requests a password.

Any help appreciated.

Posted: Tue May 22, 2007 6:57 pm
by Weirdan
you're copying wrong file. You need to add your public key (usually stored in ~/.ssh/id_rsa.pub) to the ~/.ssh/authorized_keys file on the box you want to connect to.

Posted: Tue May 22, 2007 8:52 pm
by redmonkey
Additionally if you're still running into problems, you might need to check your SSH deamon config for the filename it uses, some use 'authorized_keys' while others use 'authorized_keys2'. These are the two most common filenames but your system may be using something completely different.

Posted: Wed May 23, 2007 1:38 am
by timvw
Although i can't find it right away, i remember that i had written a little shell script that concatenates all public keys in a directory into authorized_keys2 file, and creates a symlink authorized_keys to the file...

http://www.timvw.be/wp-content/code/bash/setupssh.txt

All it expects is that you place your private key files, to connect TO other machines in ~/.ssh/private and your public key files, to connect FROM other machines in ~/.ssh/public.. (In most situations your private folder would be empty, since you're not connecting TO other machines from that host)

Posted: Wed May 23, 2007 2:09 am
by impulse()
Weirdan wrote:you're copying wrong file. You need to add your public key (usually stored in ~/.ssh/id_rsa.pub) to the ~/.ssh/authorized_keys file on the box you want to connect to.
This is what I have tried, but I also tried it again just and I'm still having the problem. I have checked the SSH config file and the directory is set to authorized_keys.


I have 'Box A' which I'm connecting FROM and 'Box B' which I'm connecting TO.

On Box A I have run ssh-keygen and copied the generated files across to /root/.ssh/authorized_keys on Box B and I have then run 'ssh -i id_dsa.pub <user>@<host>' on Box A but Box B is still asking for a password when I connect to it.

Posted: Wed May 23, 2007 6:19 am
by timvw
usually an sshd is pretty anal about userrights on the files.. So you might want to check on that (only the owner should have rights)