keypair generation for passwordless sftp

dips_ag · September 6, 2011, 6:11am

Hi,

I want to establish a passwordless sftp between the two servers. I've searched the net and know the steps to be taken; which are as follows:

 
[local_user@local_server.com]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (~/.ssh/id_rsa):
~/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in ~/.ssh/id_rsa.
Your public key has been saved in ~/.ssh/id_rsa.pub.
The key fingerprint is:
16:e9:ag:29:34:45:7b:3f:ab:5b:1a:fb:37:cc:11:9f local_user@local_server.com

And then I copied the public key in ~/.ssh/id_rsa.pub to ~/.ssh/authorized_keys file at remote\_user@remote_server.com (couldn't scp the pub key as it says "permission denied")

Having done the above steps I tried to sftp from local_server to remote_server as follows:

 
[local_user@local_server.com]$  sftp remote_user@remote_server.com
remote_user@remote_server.com's password:

NOTE: The permission of ~/.ssh folder at remote server is 755 and that of authorized_keys is 600

It still is asking for password!! :wall:. Please help!!

-dips

fpmurphy · September 6, 2011, 6:44am

It could be any one of a number of reasons. The most obvious one is that the .ssh subdirectory should have permissions of 700 and not 755.

dips_ag · September 6, 2011, 6:59am

Hi fpmurphy,

I've changed the permissions of ~/.ssh folder at remote server from 755 to 700. But still it didn't work!! Any other things that I need to take care of?

-dips

apmcd47 · September 6, 2011, 9:39am

Similarly the local .ssh folder and private key should be 700/600.

You may need to check that the /etc/ssh/sshd.config file on the server and /etc/ssh/ssh.config file on the local machine do not turn off any switches for passphrase-free authentication. If they do you will have to turn them on in your ~/.ssh/config file.

Andrew