this is the very first time i am going to use SSH authentication. first i login to server@ and under this ..ssh directory of servera i used this following command:
ssh-keygen -t rsa -b 1024
and i had 2 files(bravo_dbtest and bravo_dbtest.pub) created respectively, further i copied the file to the .ssh directory of serverb and appended the file content of bravo_dbtest.pub to the authorized_keys of serverb.
but while connecting to the servers, it is still asking for password. what could be the possible reason of this. please suggest?
It is most likely because system wont recognize your identity file. Use `ssh -i "path_to_private_key"` argument and it should solve the problem. Private key should be in ~/.ssh directory of the user you are connecting with. Make sure the files are readable as well. Could be wrong permissions on either of them.
Not sure if this needs mentioning, but: you understand, that by what you did describe you can only log in to serverB coming from serverA, and only with the user you used on serverA to generate the key as the user on serverB you copied the public key to, don't you?
I suggest:
Create a directory "~/.ssh" for every user you want to use ssh (this is the default location for the identity files, so you won't have to use the "-i" switch).
Make the file mode for this directory "0700" and the files in there "0600", ssh can become picky about this, especially, if the files have to many privileges granted.
Make sure you have exchanged all the necessary keys: suppose you have "userA" and "userB" on each serverA and serverB. To make sure every user can connect to any other user each has to exchange his key with the three others: a key is only valid for one user/server combination to another user/server-combination, not even in the other direction.
You can be asked for passphrase eventualy when creating key. Are you sure you did not add one? Have you tried the -i option I sugested before? Try with -vv option and maybe put the output here for us to see.
no, i haven't done this. how to do this please suggest?
---------- Post updated at 04:43 PM ---------- Previous update was at 04:39 PM ----------
its, running
bash-3.2$ /usr/bin/svcs ssh
STATE STIME FMRI
online May_23 svc:/network/ssh:default
---------- Post updated at 05:42 PM ---------- Previous update was at 04:43 PM ----------
Could you please share your email id, so that i can share the document which i prepared for this, this doc. is containing all of the steps which i followed for ssh key authentication.
Did you check, that the key was added to the authorized_keys file in one singleton line? It is a common copy-and-paste problem, that the key is broken up into several lines.
I think we came to an end guessing around. Please post your configuration, version numbers, used OS, etc. - all things necessary for evaluating your problem.
I suggest you post the "document you prepared" here instead of asking for private email addresses. First, because this way many (instead of one) could help you and second, because the point of this forum is to build a knowledge base: anyone, having a similar problem like you, could search this board and check if your problem is related to his problem. This would not be possible if some of the vital information about your problem would be missing.