• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

ssh key doesn't work?

V

VinylxScratches

Golden Member
I am on opensuse 11.4

When I run ssh-keygen on the server, I generate a key that populates on ~/.ssh/id_rsa.pub and ~/.ssh/id_rsa.

I copp id_rsa.pub to the client laptop that is running 11.4 as well.

I then rename id_rsa.pub to authorized_keys and chmod 600.

Then I try to do ssh -i authorized_keys IP server and it prompts for a password.

What am I doing wrong?
 
Generally you create your key on the machine you will be SSH'ing from. Then you copy your public key to the server, usually by delivering it to the admin of the server if you don't already have access to the server.
 
Well wait a sec.... so how does the server know that the key is ok with credentials? My username is the same on both computers, I guess I see that. But what about if they aren't? I'm confused now.
 
You put your public key in the authorized_keys of whatever account you're logging into. It compares the keys of the accounts you specify, the username doesn't have to be the same.
 
I was having the same issue a while ago. I'd followed a tutorial to the letter and still couldn't get public key authentication to work. Turns out AuthorizedKeysFile was commented out by default in sshd_config, so check your config file.
 
I don't know anything about Suse, but I recently worked through this on a RHEL 5 server. In that case, the file was named authorized_keys2. I also saw some notes that the permission needed to set, or it would fail. Set the .ssh dir to chmod 700, but some tips say chmod 600.
 
joetekubi said:
I don't know anything about Suse, but I recently worked through this on a RHEL 5 server. In that case, the file was named authorized_keys2. I also saw some notes that the permission needed to set, or it would fail. Set the .ssh dir to chmod 700, but some tips say chmod 600.
Click to expand...

The directory should be executable, but not the file. And the server logs should explicitly say when there's a permissions issue.
 
I'll just give a rundown of the correct steps. I'm going to make the assumption that your laptop can SSH into your server machine in some fashion right now.. if not you should be able to figure out what to do


mkdir -p ~/.ssh/ ; cd ~/.ssh/ ; ssh-keygen -t rsa -f id_rsa -C "`whoami`@`hostname`" -q -P ''

ssh whoever@server "mkdir -p ~/.ssh/ ; echo `cat ~/.ssh/id_rsa.pub` >> ~/.ssh/authorized_keys ; chmod 700 ~/.ssh/ ; chmod 600 ~/.ssh/authorized_keys"

Run this on your server to disable password authentication and only use pub keys..


perl -i.bak -p -e "s/(^PubkeyAuthentication\s+)(.*)/\1Yes/;s/(^PasswordAuthentication\s+)(.*)/\1No/" /etc/ssh/sshd_config


should work. lmk if it doesnt
 
oh, also..

ssh -i shouldn't point to authorized_keys. it should point to your private key that corresponds to the key in the servers authorized_keys file. you don't need to use the -i option if your private key is in ~/.ssh/ and named id_rsa, id_dsa, or identity .. you can add some config options to make it look thru more of them or whatever though.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top