SSH key issue

powerAIX · August 26, 2016, 9:28am

Hello

I have AIX server as a source server and destination is Linux server. I have configured the ssh key as below....
generated rsa key on aix with userA and copied the public key to
on linux server in userB/.ssh/authorized_keys
but when i try ssh userB@linux server its again asks me for pasword.

AIX server "7100-03-04" and Linux server "RHEL 6.7"

please suggest.

RudiC · August 26, 2016, 9:39am

Where is your private key stored?
What are the permissions of .ssh/authorized_keys ?
Is the sshd on linux configured correctly?

powerAIX · August 31, 2016, 6:34am

The public key and private key is in users home directory .ssh folder.
The same configuration is working for aix to aix server, linux to linux and also linux to aix but it is not working for aix to linux.

rbatte1 · September 5, 2016, 12:27pm

Is it actually asking for a passphrase rather than a password?

Can you show us listings from:-

AIX, userA
Linux, userB

The listing would be ls -la .ssh

You could also try:-

ssh -v userB@Linux

.... and that might give a few more clues.

Robin

bakunin · September 5, 2016, 2:29pm

Common problems/misunderstandings with ssh (no intention of completeness):

1) directory permissions:
Note that the directory in which the ssh-files in your homedir reside (per default $HOME/.ssh ) has to be owned by you and have filemode 700.

2) file permissions:
The file $HOME/.ssh/authorized_keys has to be owned by the user and has to have a filemode of 600.

3) ssh-keys are one-way only!
If you create a key on sys1 as user1 and store it in $HOME/.ssh/authorized_keys of user2 on sys2 that means that you can connect as user1@sys1 to sys2 as user2, BUT NOT THE OTHER WAY ROUND! If you want this too, then create a key on sys2 as user2 and put this in the respective file of user1 on sys1.

4) Sessions are cancelled for no apparent reason
SSH (the daemon, not the client) might be configured to kill sessions which have no traffic for a certain amount of time. If you do not want this but cannot guarantee that your session always experiences minimum traffic (i.e. some installers may be silent for quite some while) put the following into the file $HOME/.ssh/config

# Enable keep-alive packets
Host *
     ServerAliveInterval 15
     ServerAliveCountMax 21600

5) after an LPM operation ssh complains about duplicate hosts and terminates
An LPM (live partition mobility) operation changes the (hardware-based) host identification and therefore the ssh thinks it sees a new host with an IP address of the old host. You can easily solve this by removing the entry in the file $HOME/.ssh/known_hosts , but this is cumbersome. If you do not want this to lead to the termination of the connection attempt you can add the line:

# Enable keep-alive packets
Host *
     ServerAliveInterval 15
     ServerAliveCountMax 21600
     StrictHostKeyChecking no

to your $HOME/.ssh/config file.

I hope this helps.

bakunin