ph34r# mkdir ~/.ssh
ph34r# chmod 700 ~/.ssh
ph34r# cd ~/.ssh
ph34r# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key ("your_local_home"/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in id_rsa.
Your public key has been saved in id_rsa.pub.
The key fingerprint is:
17:5a:e7:77:ad:2c:0b:8e:f3:97:f8:20:53:79:69:55 root@ph34r
ph34r# scp ~/.ssh/id_rsa.pub jimbo@l0ath1ng.tehinterweb.net:/home/jimbo/id_rsa.ph34r.pub
ph34r# ssh jimbo@l0ath1ng.tehinterweb.net
Password:
% mkdir .ssh
% chmod 700 .ssh
% cat id_rsa.ph34r.pub >> .ssh/authorized_keys
% chmod 644 .ssh/authorized_keys
I have used the ssh-copy-id with the following result.....
[oracle@node1 .ssh]$ ssh-copy-id -i id_dsa.pub node2
oracle@node2 password:
Now try logging into the machine, with "ssh node2'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
[oracle@node1 .ssh]$ ssh node2
oracle@node2's password:
[oracle@node1 .ssh]$ ssh -v node2
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to node2[node2] port 22.
debug1: Connection established.
debug1: identity file /home/oracle/.ssh/identity type -1
debug1: identity file /home/oracle/.ssh/id_rsa type -1
debug1: identity file /home/oracle/.ssh/id_dsa type 2
debug1: loaded 3 keys
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3
debug1: match: OpenSSH_4.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '192.168.235.15' is known and matches the RSA host key.
debug1: Found key in /home/oracle/.ssh/known_hosts:3
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
No credentials cache found
debug1: Unspecified GSS failure. Minor code may provide more information
No credentials cache found
debug1: Unspecified GSS failure. Minor code may provide more information
No credentials cache found
debug1: Next authentication method: publickey
debug1: Trying private key: /home/oracle/.ssh/identity
debug1: Trying private key: /home/oracle/.ssh/id_rsa
debug1: Offering public key: /home/oracle/.ssh/id_dsa
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Next authentication method: password
oracle@node2's password:
Might be worth adding, I applied the exact same procedure from the same host to another server on the same vlan and it worked fine. All permissions are the same.
[oracle@node1.ssh]$ ssh-copy-id node2
/usr/bin/ssh-copy-id: ERROR: No identities found
[oracle@node1 .ssh]$ ssh-copy-id -i node2
/usr/bin/ssh-copy-id: ERROR: No identities found
I would suggest you to look into /etc/ssh/sshd_config file before copying the keys to another server, look for the entry "AuthorizedKeyFile" location in the config file, check where it is pointing to user's home directory authorized file or default location as /etc/ssh/auth_keys directory.
Dec 8 14:21:02 node2 su: pam_unix(su-l:session): session opened for user oracle by root(uid=0)
Dec 8 14:25:53 node2 sshd[25357]: Connection closed by UNKNOWN