Hi All,
I have a scenario where from machine1 I need to establish sftp/ssh to machine2.
Internet is full of examples of this how to generate they key-pair etc... but all examples assume that the account is the same on machine1 and machine2.
I would like to do the following:
1) user1 on machine1 invokes the following command:
ssh user2@machine2
I want this to be passwordless authentication. Also, user2 doesn't exist on machine1, it does only on machine2.
Here is what I did:
1) as user1 I created the keypair
ssh-keygen -t rsa
2) copied the public key over to machine2 under /home/user2/.ssh/
and created the authorized_keys file
Then as user1 I called the following command
ssh user2@machine2
Still prompting for password.
I tried on a test machine and if the user is the same on machine1 and machine2 then it's fine without password. But this is not what we need.
I use keys across different accounts all the time... The key can't tell. It's failing for some other reason.
Check out permissions on ~/.ssh/ and its files, as well as the home directory. ssh doesn't like it if your home directory is world-readable or writable.
The steps you describe sound fine. It's possibly the permissions on the key file.
# On server B
[root@vmb ~]# useradd user2
[root@vmb ~]# passwd user2
Changing password for user user2.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
# On server A
[root@vma ~]# useradd user1
[root@vma ~]# su - user1
[user1@vma ~]$ ssh-keygen
...
[user1@vma ~]$ ssh-copy-id user2@vmb
The authenticity of host 'vmb (10.10.10.172)' can't be established.
RSA key fingerprint is dd:5a:88:65:38:67:42:3a:ef:63:2b:97:34:c1:ab:52.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'vmb,10.10.10.172' (RSA) to the list of known hosts.
user2@vmb's password:
...
[user1@vma ~]$ ssh user2@vmb
[user2@vmb ~]$