Hi i am using solaris 10.I am trying to setup a public/private key but it is not working.Appreciate your repsonse on it
There are two servers DB1 server and DB2 server.
1)I have generated public/private key using below step on both servers.
ssh-keygen -t rsa
2)From DB1 server moved the public key to the DB2 server and appended to the authorized_keys and changed permission as below.
scp ~/.ssh/id_rsa.pub mzty3f@DB2@:/tmp/id_rsa.pub.DB1
cat /tmp/id_rsa.pub.DB2 >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
3)Same step repeated on DB2 server,moved the public key to the DB2 server and appended to the authorized_keys and changed
scp ~/.ssh/id_rsa.pub mzty3f@DB1:/tmp/id_rsa.pub.DB2
cat /tmp/id_rsa.pub.DB1 >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
4) when i do ssh still it is prompting for password.I have done this setup using root.please help me on this error
Thanks for the reply.Please find the requested output.let me know anything else is needed.
dcwipphvom001 # ssh -v
Sun_SSH_1.1.4, SSH protocols 1.5/2.0, OpenSSL 0x0090704f
You have to specify host.
Usage: ssh [options] host [command]
Options:
-l user Log in using this user name.
-n Redirect input from /dev/null.
-F config Config file (default: ~/.ssh/config).
-A Enable authentication agent forwarding.
-a Disable authentication agent forwarding (default).
-X Enable X11 connection forwarding.
-x Disable X11 connection forwarding (default).
-i file Identity for public key authentication (default: ~/.ssh/identity)
-t Tty; allocate a tty even if command is given.
-T Do not allocate a tty.
-v Verbose; display verbose debugging messages.
Multiple -v increases verbosity.
-V Display version number only.
-q Quiet; don't display any warning messages.
-f Fork into background after authentication.
-e char Set escape character; ``none'' = disable (default: ~).
-c cipher Select encryption algorithm
-m macs Specify MAC algorithms for protocol version 2.
-p port Connect to this port. Server must be on the same port.
-L listen-port:host:port Forward local port to remote address
-R listen-port:host:port Forward remote port to local address
These cause ssh to listen for connections on a port, and
forward them to the other side by connecting to host:port.
-D port Enable dynamic application-level port forwarding.
-C Enable compression.
-N Do not execute a shell or command.
-g Allow remote hosts to connect to forwarded ports.
-1 Force protocol version 1.
-2 Force protocol version 2.
-4 Use IPv4 only.
-6 Use IPv6 only.
-o 'option' Process the option as if it was read from a configuration file.
-s Invoke command (mandatory) as SSH2 subsystem.
-b addr Local IP address.
Sun_SSH_1.1.4, SSH protocols 1.5/2.0, OpenSSL 0x0090704f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to 148.93.1.222 [148.93.1.222] port 22.
debug1: Connection established.
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type 1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: Logging to host: 148.93.1.222
debug1: Local user: root Remote user: root
debug1: Remote protocol version 2.0, remote software version Sun_SSH_1.1.4
debug1: match: Sun_SSH_1.1.4 pat Sun_SSH_1.1.*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-Sun_SSH_1.1.4
debug1: use_engine is 'yes'
debug1: pkcs11 engine initialized, now setting it as default for RSA, DSA, and symmetric ciphers
debug1: pkcs11 engine initialization complete
debug1: Failed to acquire GSS-API credentials for any mechanisms (No credentials were supplied, or the credentials were unavailable or inaccessible
Unknown code 0
)
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: Peer sent proposed langtags, ctos: i-default
debug1: Peer sent proposed langtags, stoc: i-default
debug1: We proposed langtags, ctos: i-default
debug1: We proposed langtags, stoc: i-default
debug1: Negotiated lang: i-default
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: Remote: Negotiated main locale: C
debug1: Remote: Negotiated messages locale: C
debug1: dh_gen_key: priv key bits set: 147/256
debug1: bits set: 1581/3191
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '148.93.1.222' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:3
debug1: bits set: 1567/3191
debug1: ssh_rsa_verify: signature correct
debug1: newkeys: mode 1
debug1: set_newkeys: setting new keys for 'out' mode
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: set_newkeys: setting new keys for 'in' mode
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: got SSH2_MSG_SERVICE_ACCEPT
Subject to applicable law, anyone using the Network expressly consents to:
1) having his/her network activity monitored and recorded; and,
2) using the Network only in accordance with the terms of the applicable
Acceptable Use Practices (www.NetworkAUP.com < Acceptable Use Practices (AUPs) > ).
Your work product created, transmitted or stored on GM networks or systems,
including your name or other personally identifiable information, may be shared
with other GM entities, suppliers and third parties around the globe when required for
business or legal purposes.
BE ADVISED, that improper usage of the network and/or computing systems and
equipment may result in disciplinary action, up to and including termination of employment.
If possible criminal activity is detected, system records may be provided
to law enforcement officials
debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic,publickey,password,keyboard-interactive
debug1: Next authentication method: gssapi-keyex
debug1: Next authentication method: gssapi-with-mic
debug1: Failed to acquire GSS-API credentials for any mechanisms (No credentials were supplied, or the credentials were unavailable or inaccessible
Unknown code 0
)
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug1: Trying public key: /root/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 149 lastkey 6eed8 hint 1
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic,publickey,password,keyboard-interactive
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Next authentication method: keyboard-interactive
Password: