Passphrase not working - SSH


  1. Passphrase not working


    I have two servers, dev (swisn023) and production (exosp023) with two
    different users on both boxes. On production I have a user called
    riskman, and on dev riskmand. I want to write a script to log onto the
    production box and copy some of the live data to the dev box. Rlogin,
    rcp and ftp have been disabled, so I have to use scp or sftp and ssh,
    so I am trying to set up passphrase authentication.

    On dev I have done:
    swisn023>ssh -l riskman exosp023

    The authenticity of host 'exosp023 (10.196.34.125)' can't be established.
    RSA key fingerprint is 35:8b:ea:b5:59:8e:12:08:b9:cf:fc:d4:d3:35:e8:02.
    Are you sure you want to continue connecting (yes/no)? yes
    Warning: Permanently added 'exosp023,10.196.34.125' (RSA) to the list of known hosts.
    Password:

    exosp023>mkdir .ssh
    exosp023>chmod 700 .ssh
    exosp023>exit

    swisn023>ssh-keygen -t rsa
    Generating public/private rsa key pair.
    Enter file in which to save the key (/apps/FRAUDD1/fms/bin/.ssh/id_rsa):
    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:
    Your identification has been saved in /apps/FRAUDD1/fms/bin/.ssh/id_rsa.
    Your public key has been saved in /apps/FRAUDD1/fms/bin/.ssh/id_rsa.pub.
    The key fingerprint is:
    74:8f:f4:9f:5a:1c:0c:ca:4f:d1:84:9a:df:4e:97:0f riskmand@swisn023

    swisn023>ls -l .ssh/
    -rw------- 1 riskmand risk 963 Dec 6 16:37 id_rsa
    -rw-r--r-- 1 riskmand risk 227 Dec 6 16:37 id_rsa.pub
    -rw-r--r-- 1 riskmand risk 232 Dec 6 16:31 known_hosts


    swisn023>scp .ssh/id_rsa.pub riskman@exosp023:~/.ssh/id_rsa.swisn023.pub
    Password:
    id_rsa.pub 100% 227 0.2KB/s 00:00
    swisn023>ssh -l riskman exosp023
    Password:
    exosp023>cd .ssh
    exosp023>ls -l
    -rw-r--r-- 1 riskman risk 227 Dec 6 16:46 id_rsa.swisn023.pub
    exosp023>cat id_rsa.swisn023.pub >> authorized_keys
    exosp023>chmod 600 authorized_keys
    exosp023>ls -l
    -rw------- 1 riskman risk 227 Dec 6 16:50 authorized_keys
    -rw-r--r-- 1 riskman risk 227 Dec 6 16:46 id_rsa.swisn023.pub
    exosp023>exit
    swisn023>ssh -l riskman exosp023
    Password:

    So the passphrase is not being used.

    If I run ssh with debugging I get:

    swisn023>ssh -v -l riskman exosp023
    OpenSSH_3.8.1p1, OpenSSL 0.9.7d 17 Mar 2004
    debug1: Reading configuration data /usr/local/etc/ssh_config
    debug1: Connecting to exosp023 [10.196.34.125] port 22.
    debug1: Connection established.
    debug1: identity file /apps/FRAUDD1/fms/bin/.ssh/identity type -1
    debug1: identity file /apps/FRAUDD1/fms/bin/.ssh/id_rsa type 1
    debug1: identity file /apps/FRAUDD1/fms/bin/.ssh/id_dsa type -1
    debug1: Remote protocol version 2.0, remote software version OpenSSH_3.8.1p1
    debug1: match: OpenSSH_3.8.1p1 pat OpenSSH*
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_3.8.1p1
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: server->client aes128-cbc hmac-md5 none
    debug1: kex: client->server aes128-cbc hmac-md5 none
    debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
    debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
    debug1: Host 'exosp023' is known and matches the RSA host key.
    debug1: Found key in /apps/FRAUDD1/fms/bin/.ssh/known_hosts:1
    debug1: ssh_rsa_verify: signature correct
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug1: SSH2_MSG_NEWKEYS received
    debug1: SSH2_MSG_SERVICE_REQUEST sent
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug1: Authentications that can continue: publickey,keyboard-interactive
    debug1: Next authentication method: publickey
    debug1: Trying private key: /apps/FRAUDD1/fms/bin/.ssh/identity
    debug1: Offering public key: /apps/FRAUDD1/fms/bin/.ssh/id_rsa
    debug1: Authentications that can continue: publickey,keyboard-interactive
    debug1: Trying private key: /apps/FRAUDD1/fms/bin/.ssh/id_dsa
    debug1: Next authentication method: keyboard-interactive
    Password:


    I cannot see why my passphrase is not being used. I have read every
    page Google has found for me and as far as I can tell I am doing
    everything correctly, but it is still not working. Can anyone enlighten
    me?

    Thanks


    --
    clancypc
    posted via http://sysdminforum.com


  2. Re: Passphrase not working


    Check the permissions on the remote home directory; it must also be
    writable only by the owner.

    http://www.snailbook.com/faq/general...ging.auto.html

    --
    Richard Silverman
    res@qoxp.net
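
An added example (not part of the thread and not from either poster): a POSIX shell function for the check suggested in the reply above, meant to be run on the server as the target account. It flags the home directory, `.ssh` and `authorized_keys` when any of them is group- or world-writable or owned by someone other than the account or root, which is what sshd's `StrictModes` option refuses to accept; the function names are made up for this example.

```shell
#!/bin/sh
# Added example; helper names are hypothetical.
# Usage on the server:  check_ssh_perms "$HOME"

# Numeric listing (-n) avoids depending on passwd lookups; -L follows symlinks.
mode_of()  { ls -ldnL "$1" | awk '{print $1}'; }
owner_of() { ls -ldnL "$1" | awk '{print $3}'; }

# loose_path PATH UID -> returns 0 and prints a reason when PATH would fail
# an "owned by the user (or root), writable only by the owner" check.
loose_path() {
    p=$1; uid=$2
    if [ ! -e "$p" ]; then echo "MISSING  $p"; return 0; fi
    m=$(mode_of "$p"); o=$(owner_of "$p")
    gw=$(printf '%s' "$m" | cut -c6)   # group write bit in e.g. drwxrwxr-x
    ow=$(printf '%s' "$m" | cut -c9)   # other write bit
    if [ "$o" != "$uid" ] && [ "$o" != 0 ]; then
        echo "OWNER    $p (uid $o, expected $uid or 0)"; return 0
    fi
    if [ "$gw" = w ] || [ "$ow" = w ]; then
        echo "WRITABLE $p ($m)"; return 0
    fi
    return 1
}

# check_ssh_perms HOME [UID] -> exit status is the number of problem paths.
check_ssh_perms() {
    home=$1; uid=${2:-$(id -u)}; bad=0
    for p in "$home" "$home/.ssh" "$home/.ssh/authorized_keys"; do
        if loose_path "$p" "$uid"; then bad=$((bad + 1)); fi
    done
    if [ "$bad" -eq 0 ]; then echo "OK       $home"; fi
    return "$bad"
}
```

In the session posted above, `.ssh` is 700 and `authorized_keys` is 600, so the home directory itself is the path left unchecked; `chmod go-w` on whatever this reports is the fix.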

