[Solved] SSH key authentication problem

Hi All,

this is the very first time i am going to use SSH authentication. first i login to server@ and under this ..ssh directory of servera i used this following command:

ssh-keygen -t rsa -b 1024

and i had 2 files(bravo_dbtest and bravo_dbtest.pub) created respectively, further i copied the file to the .ssh directory of serverb and appended the file content of bravo_dbtest.pub to the authorized_keys of serverb.

but while connecting to the servers, it is still asking for password. what could be the possible reason of this. please suggest?

It is most likely because system wont recognize your identity file. Use `ssh -i "path_to_private_key"` argument and it should solve the problem. Private key should be in ~/.ssh directory of the user you are connecting with. Make sure the files are readable as well. Could be wrong permissions on either of them.

Not sure if this needs mentioning, but: you understand, that by what you did describe you can only log in to serverB coming from serverA, and only with the user you used on serverA to generate the key as the user on serverB you copied the public key to, don't you?

I suggest:

Create a directory "~/.ssh" for every user you want to use ssh (this is the default location for the identity files, so you won't have to use the "-i" switch).

Make the file mode for this directory "0700" and the files in there "0600", ssh can become picky about this, especially, if the files have to many privileges granted.

Make sure you have exchanged all the necessary keys: suppose you have "userA" and "userB" on each serverA and serverB. To make sure every user can connect to any other user each has to exchange his key with the three others: a key is only valid for one user/server combination to another user/server-combination, not even in the other direction.

I hope this helps.

bakunin

i have checked everything, even permissions are same as suggested, but still i am prompted for password, not sure why??

You can be asked for passphrase eventualy when creating key. Are you sure you did not add one? Have you tried the -i option I sugested before? Try with -vv option and maybe put the output here for us to see.

Another possible reason: did you install and start the server daemon, sshd , on the target machine(s)?

I hope this helps.

bakunin

no, i haven't done this. how to do this please suggest?

---------- Post updated at 04:43 PM ---------- Previous update was at 04:39 PM ----------

its, running

bash-3.2$ /usr/bin/svcs ssh
STATE STIME FMRI
online May_23 svc:/network/ssh:default

---------- Post updated at 05:42 PM ---------- Previous update was at 04:43 PM ----------

Could you please share your email id, so that i can share the document which i prepared for this, this doc. is containing all of the steps which i followed for ssh key authentication.

Did you check, that the key was added to the authorized_keys file in one singleton line? It is a common copy-and-paste problem, that the key is broken up into several lines.

yes i have checked , and authorized key and public key content are same .pub key conent was properly appended to the authorized key.

Have you tried with -i and -vv option? what does it give you?

I think we came to an end guessing around. Please post your configuration, version numbers, used OS, etc. - all things necessary for evaluating your problem.

I suggest you post the "document you prepared" here instead of asking for private email addresses. First, because this way many (instead of one) could help you and second, because the point of this forum is to build a knowledge base: anyone, having a similar problem like you, could search this board and check if your problem is related to his problem. This would not be possible if some of the vital information about your problem would be missing.

I hope this helps.

bakunin

thanks everyone for their suggestions, actually the problem got resolved by changing the permission.

bash-3.2$ ls -ld bravodba
drwxrwxrwx  26 bravodba dba           67 Aug 19 08:24 bravodba
bash-3.2$ chmod 755 bravodba

thanks all

Your home directory? Yes, that's some relevant permissions often forgotten. Glad you got it working.

thank you very much, people on this forum are so helpful. highly appriciated :b: