I am facing issue in setting up passwordless login through ssh on two Solaris-10 boxes. user-id ravrwa from server tsapiq04-zrwdq01 should be able to login to server tsbrit03 as cpsuserq, which is not happening. I am not sure where is the problem, while keys are already all set. Here is the example -
(root):/raven/apps/raven_users/ravrwa> id
uid=23286(ravrwa) gid=2201(raven)
(root):/raven/apps/raven_users/ravrwa> pwd
/raven/apps/raven_users/ravrwa
(root):/raven/apps/raven_users/ravrwa> ls -l .ssh
total 17
-rw------- 1 ravrwa raven 883 Dec 10 18:34 id_rsa
-rw------- 1 ravrwa raven 887 Jun 16 2011 id_rsa.old
-rw-r--r-- 1 ravrwa raven 233 Dec 10 18:34 id_rsa.pub
-rw-r--r-- 1 ravrwa raven 233 Dec 10 18:34 id_rsa.pub.11222011
-rw-r--r-- 1 ravrwa raven 233 Jun 16 2011 id_rsa.pub.old
-rw-r--r-- 1 ravrwa raven 1648 Dec 10 18:37 known_hosts
(root):/raven/apps/raven_users/ravrwa> cat .ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAvn/x8G/2+4Jc5r5fMwirptHhzpZAeWevv63rLFn8CqSdm6rWeRfik/eQGj7+1xw0dWEHCZj5/uPxoBzcWe8Xe5Qnx4SZVahwYeszg05p+vo3315UV7dzAv22mif7hKKfTrY3E/SMA1lCBtZYnet3468WCLdc0W/5JkjfKLxOFtM= ravrwa@tsapiq04-zrwdq01
(root):/raven/apps/raven_users/ravrwa> ssh cpsuserq@tsbrit03
Password:
If I check pub keys on destination server (tsbrit03), those are already there exactly -
$ id
uid=56330(cpsuserq) gid=25030(cpsgrp_q)
$ pwd
/Hyperion/WERQ/raven
$ ls -l .ssh/authorized_keys
-rw------- 1 cpsuserq cpsgrp_q 233 Dec 22 16:46 .ssh/authorized_keys
$ cat .ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAvn/x8G/2+4Jc5r5fMwirptHhzpZAeWevv63rLFn8CqSdm6rWeRfik/eQGj7+1xw0dWEHCZj5/uPxoBzcWe8Xe5Qnx4SZVahwYeszg05p+vo3315UV7dzAv22mif7hKKfTrY3E/SMA1lCBtZYnet3468WCLdc0W/5JkjfKLxOFtM= ravrwa@tsapiq04-zrwdq01
$
on the local server, check that the homedir of user ravrwa is actually the path /raven/apps/raven_users/ravrwa; if this is not the case, then use the switch -i /raven/apps/raven_users/ravrwa/.ssh/id_rsa to the ssh command.
Perform the same check on the remote host for user cpsuserq (the homedir should be /Hyperion/WERQ/raven).
on the remote server, check that key-based authentication is explicitly enabled in sshd configuration file (it should be the entry "PubkeyAuthentication" in /etc/ssh/sshd_config).
may you check if the remote host sshd_config file has some non-default value set for "AuthorizedKeysFile"? It may be that the ssh server is looking for authorized keys in some place different than the home directory of the user being authenticated...
Last shot in the dark could be generating another keypair (using solaris ssh implementation of ssh-keygen, not an openssh one), deliver the public key to the remote server and seeing if the problem is persistent with the new keys.
Have a nice weekend and Xmas time! I'll be offline in a few minutes.
looks like the format of your private sskey is incorrect for the version of SSH your using.
debug1: identity file /raven/apps/raven_users/ravrwa/.ssh/identity type -1
debug3: Not a RSA1 key file /raven/apps/raven_users/ravrwa/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'