Hello, I must relogin on the same machine in my shell with ssh and without password. For this I tried the procedure ssh-keygen -t dsa and ssh-keygen -t rsa. I copied the entries in /.ssh/id_dsa.pub and /.ssh/id_rsa.pub in /.ssh/authorized_keys When I open a shell I type exec ssh-agent $SHELL and then ssh-add and give my passphrases. When I now type ssh machinename my PC wants my password. I am running Redhat 7.3.3 and, sorry, I am a beginner using Linux. Thank you in advance, Martin
Martin Imh?user wrote:> I must relogin on the same machine in my shell with ssh and without password. > For this I tried the procedure > ssh-keygen -t dsa and ssh-keygen -t rsa.Only one of those two are required. Personally I use only the 'rsa' type.> I copied the entries in /.ssh/id_dsa.pub and /.ssh/id_rsa.pub in > /.ssh/authorized_keysDid you mean a literal / there? Hope not. Those should go into your home directory, not /. So hopefully you put those in $HOME/.ssh. Also, the $HOME/.ssh/authorized_keys is on the _remote_ machine and not the local machine. Also, sometimes people do this with an text editor and accidentally word wrap the file. Therefore I recommend simply appending them with the shell and cat. These steps will correct any problems here. mv $HOME/.ssh/authorized_keys $HOME/.ssh/authorized_keys.bak cat $HOME/.ssh/id_rsa.pub >> $HOME/.ssh/authorized_keys chmod go-w $HOME/.ssh/authorized_keys> When I open a shell I type exec ssh-agent $SHELL and then ssh-add > and give my passphrases.Good.> When I now type ssh machinename my PC wants my password.The most common reason for this is that SSH finds insecure file permission modes on files or directories and therefore cannot trust the authorized_keys file. You most likely created one of the directories or files with group write permission. On the remote machine these commands will verify and correct the permissions. ls -ld $HOME $HOME/.ssh $HOME/.ssh/authorized_keys drwxr-xr-x 101 bob bob 10824 2004-03-21 11:39 /home/bob drwxr-xr-x 3 bob bob 488 2004-01-13 07:54 /home/bob/.ssh -rw-r--r-- 1 bob bob 2637 2004-01-09 20:23 /home/bob/.ssh/authorized_keys If you find one with group write permission change it with chmod. chmod go-w $HOME $HOME/.ssh $HOME/.ssh/authorized_keys That is the most likely problem and those steps should correct it. Bob
Hi, On Sun, Mar 21, 2004 at 11:53:15AM -0700, Bob Proulx wrote:> > Also, sometimes people do this with an text editor and accidentally > word wrap the file. Therefore I recommend simply appending them with > the shell and cat. These steps will correct any problems here. > > mv $HOME/.ssh/authorized_keys $HOME/.ssh/authorized_keys.bakmake that a "cp"... gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany gert at greenie.muc.de fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de