[TriLUG] Public Key Authentication with SSH
Owen Berry
oberry at trilug.org
Thu Jan 26 10:29:24 EST 2006
You need to have the private key in the correct place on the local
machine, or look at using the -i option when calling ssh. If you call
ssh-keygen without -f it will create the keys in the correct place with
the correct file names. Or copy the files so it matches:
$ ls ~/.ssh
authorized_keys config id_dsa id_dsa.pub known_hosts
Also note that the .ssh directory and contents should all only be
readable by the owner.
Owen
On Thu, Jan 26, 2006 at 10:15:29AM -0500, Brian Blater (BBList) wrote:
> The machines I'm using are SUSE 10 and SLES9. These boxes are internal
> test boxes on our local network. For now I'm trying to setup public key
> authentication with a blank password (for scripting purposes). Here is
> what I've done so far.
>
> On the remote host I've modified sshd_config with the following
> options:
> PubkeyAuthentication yes
> AuthorizedKeysFile .ssh/authorized_keys
>
> On the local host I've modified ssh_config with the following options:
> HostKeyAlgorithms ssh-dss
> PreferredAuthentications
> hostbased,publickey,keyboard-interactive,password
> PubkeyAuthentication yes
>
> Restarted sshd on remote and local hosts.
>
> On local host I ran ssh-keygen -t dsa -b 2048 -f filename-dsa.
> (when prompted for a passphrase I just hit enter)
>
> I then copied the filename-dsa.pub key to the remote host and added it
> to the user's .ssh/authorized_keys file using cat.
>
> At this point I should be done. I then ssh to the remote host as the
> user, but I'm still prompted for a password. Not sure where I went
> wrong, so any suggestions would be greatly appreciated.
>
> Thanks,
> Brian
>
More information about the TriLUG
mailing list