ssh public key frustration

Net Llama! netllama
Mon May 17 11:53:38 PDT 2004 

On 09/13/03 14:16, Keith Morse wrote:

> On Sat, 13 Sep 2003, Net Llama! wrote:
> 
> 
>>I've setup & used ssh public keys many times before.  All of a sudden, i 
>>can't get it to work at all.  It works on the boxes where i've set it up in 
>>the past, but new ones just fail to work.
>>
>>The servers are all RH-7.3.  I thought that all that was required was:
>>0) on the client box, run "ssh-keygen -t dsa", hit enter at all the 
>>prompts, and i'll end up with ~/.ssh/id_dsa.pub.
>>1) I then need to place the contents of that file on the server in 
>>~/.ssh/authorized_keys.
>>2) ssh to the server, and i shouldn't be prompted for a password.
>>
>>this isn't happening.  i'm still prompted for a password.  am i missing 
>>something obvious?
> 
> 
> 
> For me, most of the time these issues almost always are related to the 
> permissions on the .ssh/authorized_keys file or the .ssh directory on the 
> destination server.   For whatever reason "ssh -vvv"  is next to near 
> impossible to decipher without being a ssh coder, wish there was more 
> meaningful text in the output of that command.
> 
> 
> Concerning the other poster's response to format inconsistency, I've had 
> very little problem with that.  One exception though, when copying the 
> public key to the .ssh/authorized_keys sometimes errant newlines get 
> thrown in for good measure.
> 
> 
> I don't remember if I've posted this to the list before, but the following 
> is the slickest way I've seen to "forward" the ssh public key correctly to 
> a remote host.  It's from a gent named Todd Jacobs who is very good at 
> shell scripting.
> 
> From: Todd A. Jacobs <nospam at codegnome.org>
> Reply-To: shell.scripting at moongroup.com
> To: shell scripting <shell.scripting at moongroup.com>
> Subject: SSH key add function
> 
> This isn't even worthy to be called a script, but it's a very easy way to 
> add your ssh key to remote host in a single step. It's made my life quite 
> a bit easier. :)
> 
>     # Takes a single argument: the name of the host to install the key
>     # onto. Will do some rudimentary error-checking to verify that it's
>     # been given a valid hostname.
>     function putkey {
>         [ $# -eq 1 ] || return 1
>         { fgrep -q $1 /etc/hosts || host $1 > /dev/null; } || return 1
>         cat $HOME/.ssh/id_dsa.pub | ssh $1 'cat >> .ssh/authorized_keys'
>     }

Well, i've made some progress.  Oddly, i can ssh one way as root, without 
having to provide my password, but i can't ssh the other way as root, or 
any other user (even though i've setup the keys the same way for every 
account on the boxes).

> 
> 
> 
> I'm quite interested in your problem, Mr. Net Llama.  I've got the same 
> issue going from any linux based host to a Cobalt RAQ and cannot get keys 
> to work at all.

ick. Cobalt RAQ's are absolute crap.  Are they still using RH-6.2 on those 
things?  I've yet to hear of, or experience anything good about them.

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
L. Friedman                       	       netllama at linux-sxs.org
Linux Step-by-step & TyGeMo: 		    http://netllama.ipfox.com

   3:05pm  up 21:34,  1 user,  load average: 0.02, 0.02, 0.01

More information about the Linux-users mailing list