Question

25

passwordless ssh not working

rated 0 times [ 25] [ 0] / answers: 1 / hits: 189936 / 1 Year ago, fri, april 7, 2023, 9:46:52

I've tried to setup a password-less ssh b/w A to B and B to A as well.
Generated the public and private key using ssh-keygen -trsa on both the machines.
Used the ssh-copy-id utility to copy the public-keys from A to B as well as B to A.

The passwordless ssh works from A to B but not from B to A.
I've checked the permissions of the ~/ssh/ folder and seems to be normal.

A's .ssh folder permissions:

-rw-------  1 root root 13530 2011-07-26 23:00 known_hosts

-rw-------  1 root root   403 2011-07-27 00:35 id_rsa.pub

-rw-------  1 root root  1675 2011-07-27 00:35 id_rsa

-rw-------  1 root root   799 2011-07-27 00:37 authorized_keys

drwxrwx--- 70 root root  4096 2011-07-27 00:37 ..

drwx------  2 root root  4096 2011-07-27 00:38 .

B's .ssh folder permissions:

-rw------- 1 root root  884 2011-07-07 13:15 known_hosts

-rw-r--r-- 1 root root  396 2011-07-27 00:15 id_rsa.pub

-rw------- 1 root root 1675 2011-07-27 00:15 id_rsa

-rw------- 1 root root 2545 2011-07-27 00:36 authorized_keys

drwxr-xr-x 8 root root 4096 2011-07-06 19:44 ..

drwx------ 2 root root 4096 2011-07-27 00:15 .

A is an ubuntu 10.04 (OpenSSH_5.3p1 Debian-3ubuntu4, OpenSSL 0.9.8k 25 Mar 2009) B is a debian machine (OpenSSH_5.1p1 Debian-5, OpenSSL 0.9.8g 19 Oct 2007)

From A:

#ssh B

works fine.

From B:

#ssh -vvv A 

...

...

debug1: SSH2_MSG_SERVICE_ACCEPT received

debug2: key: /root/.ssh/identity ((nil))

debug2: key: /root/.ssh/id_rsa (0x7f1581f23a50)

debug2: key: /root/.ssh/id_dsa ((nil))

debug3: Wrote 64 bytes for a total of 1127

debug1: Authentications that can continue: publickey,password

debug3: start over, passed a different list publickey,password

debug3: preferred gssapi-keyex,gssapi-with-mic,gssapi,publickey,keyboard-interactive,password

debug3: authmethod_lookup publickey

debug3: remaining preferred: keyboard-interactive,password

debug3: authmethod_is_enabled publickey

debug1: Next authentication method: publickey

debug1: Trying private key: /root/.ssh/identity

debug3: no such identity: /root/.ssh/identity

debug1: Offering public key: /root/.ssh/id_rsa

debug3: send_pubkey_test

debug2: we sent a publickey packet, wait for reply

debug3: Wrote 368 bytes for a total of 1495

debug1: Authentications that can continue: publickey,password

debug1: Trying private key: /root/.ssh/id_dsa

debug3: no such identity: /root/.ssh/id_dsa

debug2: we did not send a packet, disable method

debug3: authmethod_lookup password

debug3: remaining preferred: ,password

debug3: authmethod_is_enabled password

debug1: Next authentication method: password

[email protected]'s password:

Which essentially means it's not authenticating using the file /root/id_rsa.
I ran the ssh-add command in both the machines as well.

The authentication part of /etc/ssh/sshd_config file is

# Authentication:

LoginGraceTime 120

PermitRootLogin yes

StrictModes yes



RSAAuthentication yes

PubkeyAuthentication yes

#AuthorizedKeysFile     %h/.ssh/authorized_keys



# Don't read the user's ~/.rhosts and ~/.shosts files

I'm running out of ideas.
Any help would be appreciated.

Answers

Only authorized users can answer the question. Please sign in first, or register a free account.

izeeas

Add To Favorites

Follow

Total Points: 412

Total Questions: 105

Total Answers: 118

Location: Trinidad and Tobago

Member since Fri, May 8, 2020

4 Years ago

izeeas questions

1 Shell-Check failure

Sat, Apr 30, 22, 12:13, 2 Years ago

1 Ubuntu 22.04.2 - Screen flickering / glitches

Tue, Nov 29, 22, 06:22, 1 Year ago

1 How to resolve unmet dependencies error when upgrading? Depends: nvidia-kernel-common-515 (>= 515.76) but 515.65.01-0ubuntu1 is installed

Fri, Mar 17, 23, 06:45, 1 Year ago

1 Conky running in startup, but not showing

Thu, Nov 3, 22, 12:35, 1 Year ago

1 ssh login access works fine... Cannot login from GUI Ubuntu 20.04

Mon, Dec 20, 21, 06:40, 2 Years ago

View All

answered 1 Year ago eeperant · Accepted Answer

Just make sure that you have followed the following procedure:

On Machine A

open a terminal and enter the commands as follows:

root@aneesh-pc:~# id

Just to make sure that we are root.

If the above command output something like below we are root else switch to root using the su command

uid=0(root) gid=0(root) groups=0(root)

1) Create the keys.

ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (/root/.ssh/id_rsa): 

Enter passphrase (empty for no passphrase): 

Enter same passphrase again: 

Your identification has been saved in /root/.ssh/id_rsa.

Your public key has been saved in /root/.ssh/id_rsa.pub.

The key fingerprint is:

49:7d:30:7d:67:db:58:51:42:75:78:9c:06:e1:0c:8d root@aneesh-pc

The key's randomart image is:

+--[ RSA 2048]----+

|          ooo+==B|

|         . E=.o+B|

|        . . .+.*o|

|       . . .  ...|

|        S        |

|                 |

|                 |

|                 |

|                 |

+-----------------+

I haven't used any passphrase. If you need one you can use it.

2) Copy the public key in to machine B's .ssh/authorized_keys file

root@aneesh-pc:~# ssh-copy-id -i /root/.ssh/id_rsa.pub root@mylap

root@mylap's password:

Now try logging into the machine, with ssh 'root@mylap', and check in:

~/.ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

Replace mylap with the hostname or ip of the machine you want to login (i.e. machine B)

3) Login to B without password

root@aneesh-pc:~# ssh root@mylap

Warning: Permanently added 'mylap,192.168.1.200' (RSA) to the list of known hosts.

Welcome to Ubuntu 11.04 (GNU/Linux 2.6.38-8-generic x86_64)



 * Documentation:  https://help.ubuntu.com/



Last login: Wed Jul 27 15:23:58 2011 from streaming-desktop.local

aneesh@mylap:~$

On Machine B

4) Create the keys to login back to Machine A

root@mylap:~# ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (/root/.ssh/id_rsa): 

Enter passphrase (empty for no passphrase): 

Enter same passphrase again: 

Your identification has been saved in /root/.ssh/id_rsa.

Your public key has been saved in /root/.ssh/id_rsa.pub.

The key fingerprint is:

35:9f:e7:81:ed:02:f9:fd:ad:ef:08:c6:4e:19:76:b1 root@streaming-desktop

The key's randomart image is:

+--[ RSA 2048]----+

|                 |

|                 |

|          o   .  |

|         . + + o |

|        S o * E  |

|           = O . |

|            O +  |

|           + o o.|

|            . o+=|

+-----------------+

5) Copy the public key in to machine A's .ssh/authorized_keys file

root@mylap:~# ssh-copy-id -i /root/.ssh/id_rsa.pub root@aneesh-pc

Warning: Permanently added 'aneesh-pc,192.168.1.20' (RSA) to the list of known hosts.

root@aneesh-pc's password:

Now try logging into the machine, with ssh 'root@aneesh-pc', and check in:

.ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

6) Login to A without password

ssh root@aneesh-pc

Warning: Permanently added 'aneesh-pc,192.168.1.20' (RSA) to the list of known hosts.

Welcome to Ubuntu 11.04 (GNU/Linux 2.6.38-8-generic x86_64)



 * Documentation:  https://help.ubuntu.com/





Last login: Tue Jul 26 18:52:55 2011 from 192.168.1.116

If you are able to complete these steps You are done. Now you have two machines with ssh-key (public-key) enabled login.