There are two servers :
Site
Testing
i generated public and private keys with ssh-keygen -t rsa on site server.
cat id_rsa >> authorized_keys
i appended id_rsa.pub ( public key site server ) to authorized_keys ( testing server ) with below command .
ssh oracle@testing.fgho.com "cat >> ~/.ssh/authorized_keys" < ~/.ssh/id_rsa.pub
am i missing some point in performing procedure for ssh password less authentication ?
because it prompts for passwords agaian and again
one thing i want to tell u that i am doing all above procedure with oracle user .
Scott
October 9, 2012, 2:26am
2
Check the permissions on the "Testing" server .ssh directory (should be 500 or 700) and the authorized_keys file (400 or 600)
on testing server permissions are as follows :
-rw-r--r-- 1 oracle oinstall 405 Oct 9 09:25 id_rsa.pub
-rw------- 1 oracle oinstall 1675 Oct 9 09:25 id_rsa
-rw-r--r-- 1 oracle oinstall 2486 Oct 9 09:27 authorized_keys
-rw-r--r-- 1 oracle oinstall 817 Oct 9 09:57 known_hosts
Scott
October 9, 2012, 2:37am
4
And they're wrong. What about the .ssh directory itself? drwxr-xr-x? That too would be wrong.
i could not find permissions at .ssh directory on testing server.
but now i did
do i set chmod 600 authorized_keys ??
Scott
October 9, 2012, 2:42am
6
Yes.
You can use the -a flag of ls to see 'hidden files'.
Or, in this case, just:
ls -ld ~/.ssh
ls -ald .ssh/
What are the permissions of your home dir itself? 777 will stop it from working for security reasons...
on testing server my home permissions are as follows :
pwd
/home/oracle/.ssh
[oracle@testing .ssh]$ ls -ltr /home/
drwxrwxrwx 46 oracle oinstall 12288 Oct 8 16:11 oracle
Yes, 777 will stop it from working.
It shouldn't be 777 anyway. Try 750
I changed permissions to
chmod 750 /home
now i can connect testing server from site server without password. ( thanks a lot for ur kind support ).
one thing i want to ask that changing /home/oracle permissions to 750 will result in something abnormal functionality in running oracle e-buiness suite application ??
---------- Post updated at 12:58 PM ---------- Previous update was at 12:35 PM ----------
i have to do the work i done above on my production server.
i am getting following error :
chmod 750 /home/
Scott
October 9, 2012, 4:00am
12
to your first question: No.
/home is (should be) owned by root, not oracle.
there was a directory shared via samba (/home/oracle/pfl_opm)
now this directory is not accesses via samba after changing above permission from 777 to 750.
What i do now ?
---------- Post updated at 03:53 PM ---------- Previous update was at 03:43 PM ----------
these are contents from samba :
[opm]
path = /home/oracle/pfl_opm
writeable = yes
; browseable = yes
valid users = opm
this directory is not going to access from samba after making above changes.
Scott
October 9, 2012, 6:57am
14
Change /home/oracle to 755
Changing /home to 750 is not a good idea. 755 for that is normal.
after making chmod 755 /home/oracle
[opt]
path = /opt
writeable = yes
; browseable = yes
# guest ok = no
valid users = oracle
opt folder is not going to access now.
---------- Post updated at 04:51 PM ---------- Previous update was at 04:15 PM ----------
how i can work with ssh password less authentication and i have to access these samba directories with their respective users as well.
please guide me.
harris
November 7, 2012, 9:24am
16
Hi Team,
Please suggest me futher process.
Regards,