i am running an AIX 5.3 machine and i want to connect via ssh to the RPA Management site without prompting for password.
i already had a public key of this server as i use the same thing for ssh connection with other AIX machines.
i connected to the RPA Management Site and i run the following command:
add_ssh_key name='username' key='xxxxxx'
the key that i use is the following: /.ssh/id_rsa.pub
the RPA version is 3.4 SP2
the problem is that i still get the password prompt when i try to connect via ssh to the RPA Management site. i dont know what else i have to do. i search around but i cannot find anything else.
The sshd is very fussy about permissions on dirs and files .ssh* and down.
The general thing for password free access is that the client machine ~/.ssh/id*.pub (one line) needs to be in the server machine ~/.ssh/authorized_keys file.
I read that the keys need to be generated with no password, as well, else you get prompted for that (which is more secure than simple password, I guess).
command.
i already used this command from my AIX machines because as i said before i already use ssh connection to other AIX machines without prompting for password.
the problem is that i cannot use the command
ssh-keygen
for the RPA.
i read the the procedure to have an ssh connection without prompting for password between an AIX machine and RPA is just running one command.
the
add_ssh_key
command that i wrote before is a command running from the RPA server. also when i run the command
get_ssh_keys
i can see that the ssh key that i tried to saved before is already saved to the RPA.
You said '/.ssh/id_rsa.pub', so I guess it is 'root' your are trying to connect as, password-free? There might be additional sshd switches to allow that.
actually you are right this file is for root user whereas i wanted to make a password-free connection for other user, not root.
but still, i created before a while a public key for the user that i want to have this connection and i add it to the RPA but still prompting for password.
Most common cause of this is the file permissions on a users home directory, debugging usisng the -v flag for the ssh command will help as will running the sshd in the foreground.
To run sshd with -v in the foreground (path of sshd may be different dependent on version installed)
stopsrc -s sshd
/usr/sbin/sshd -v
You can then test the login. Do be careful to leave your other session logged in as you will need to restart the sshd after you've tested.
the problem is that i cannot stop the sshd service of this server. this server is a banking server and there are thousands of users connected to it through ssh connections. so you realize that i cannot stop the service of sshd in order to make this test but i will check about the user permissions.