SSH prompts for password for non-identical users

host1 & host2 : Solaris 10 - SPARC server

From host1 I am able to ssh to host2 as the same user without a password prompt. But when I ssh to a different user on host2, it prompts for a password.

DETAILS

In host1:

1) logged as root
2) ssh-keygen -t dsa -b 1024 (no pass phrase)
3) Ensured that permission for /.ssh is 700 & for id_dsa is 600
4) copied id_dsa.pub to host2 : /.ssh

In host2:

1) logged as root
2) cp /.ssh/id_dsa.pub /.ssh/authorized_keys
3) Ensured that permission for /.ssh is 700 & for authorized_keys is 644

From host1:

1) Login as root
2) ssh host2 - Successfully logs in WITHOUT asking for the password

In host2

1) created a new userid - abcd - homedir /opt/abcd
2) created /opt/abcd/.ssh - 700
3) copied /.ssh/authorized_keys to /opt/abcd/.ssh/authorized_keys 644

From host1:

1) Login as root
2) ssh abcd@host2 - prompts for password.

What should be done so that, from host1, I can ssh as any user on host2 without getting the password prompt?

On host 2, edit /home/user/.ssh/authorized_keys and change the key identity:
ssh-rsa LKJojlKlkjMLjpojMPJmlj etc... == root@host1
to:
ssh-rsa LKJojlKlkjMLjpojMPJmlj etc... == user@host1

On host 1, copy the root private key (id_rsa) to /home/user/.ssh/

If this doesn't work, I guess you will need to create a new pair of keys for your user the same way you did for root.

I created the keys on host1 while logged in as root, and then copied the public key to host2.

From host1, I initially did

ssh host2 - which worked fine

Now,

ssh user2@host2 - prompts for password

The public key contains root@host1, which is fine, because I am always logged in as root on host1, so there is no need to change it.

Not sure how to proceed :(

On host 2, when you try to login as user@host1 sshd will look for a public key belonging to user@host1, not root@host1, even if you invoke ssh user@host2 in a root session on host1. Hence the need to edit the public key identification in the host2 authorized_keys, or to create a new pair of keys for user.

To troubleshoot:
$ tail -f /var/log/auth.log | grep ssh # adapt to the log name or UID specific to your *nix box

and report errors when trying to connect.

sshd is generally pretty verbal about key exchange issues and can be made more so (-d). Check /var/log/messages or wherever you are logging sshd to, or run it in the fg with -D. ssh -v{3} is your friend.

I've seen a similar problem where the key permissions were too open. OpenSSH may not like world readable permissions for your private key.

True. That's indeed a possible cause of connection problems. Check and change the permission as follows:

target /home/user directory 766
target /home/user/.ssh directory 700
target /home/user/.ssh/authorized_keys file 600
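
Added example, not part of any post in this thread: a POSIX shell audit of the permission-related causes raised above, for the target account's key paths and for the client's private key. It assumes OpenSSH's StrictModes rule (home directory, .ssh and authorized_keys owned by the login user or root and not writable by group or others) and the client rule that a private key carries no group or other permission bits; the function names and the script name are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): report paths that would make sshd's
# StrictModes check, or the ssh client's private-key check, reject a key.

# Print "<owner> <mode-string>" for a path using only POSIX ls and awk.
owner_and_mode() {
    ls -ld "$1" 2>/dev/null | awk '{print $3, $1}'
}

# Server side: path must belong to the login user or root and must not be
# writable by group or others (characters 6 and 9 of the ls mode string).
path_is_strict() {
    p=$1; u=$2
    set -- $(owner_and_mode "$p")
    [ $# -eq 2 ] || { echo "MISSING $p"; return 1; }
    if [ "$1" != "$u" ] && [ "$1" != root ]; then
        echo "BAD OWNER $1 $p"; return 1
    fi
    case $2 in
        ?????w*|????????w*) echo "TOO OPEN $2 $p"; return 1 ;;
    esac
    echo "OK $2 $p"
}

# Check the three paths sshd inspects for one account on the target host.
# The home directory is passed explicitly (e.g. /opt/abcd for user abcd).
check_ssh_perms() {
    user=$1; home=$2; rc=0
    for f in "$home" "$home/.ssh" "$home/.ssh/authorized_keys"; do
        path_is_strict "$f" "$user" || rc=1
    done
    return $rc
}

# Client side: a private key must carry no group or other permission bits.
private_key_is_safe() {
    set -- $(owner_and_mode "$1")
    case $2 in
        ????------*) return 0 ;;
        *) return 1 ;;
    esac
}

# Run as: sh check.sh abcd /opt/abcd   (script name is hypothetical)
if [ $# -ge 2 ]; then check_ssh_perms "$1" "$2"; fi
```

Run it as root on the target host so every path is readable; any line other than OK names the path to fix before retrying ssh -v.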