rsa key problem

Printable View

03-17-2008, 10:50 PM
unix

rsa key problem

Hi,

I generate an rsa key with:
ssh-keygen -N '' -t rsa -f $HOME/.ssh/id_rsa
and copy id_rsa.pub to my server. there i copy the two lines into
~/.ssh/known_hosts. i then restart sshd but i'm still not able to login
without a password promt, why not? :(
--
Thanks!
Ron
03-17-2008, 11:53 PM
unix

Re: rsa key problem

On Mon, 2008-03-17 at 22:50 +0000, Ron Eggler wrote:[color=blue]
> Hi,
>
> I generate an rsa key with:
> ssh-keygen -N '' -t rsa -f $HOME/.ssh/id_rsa
> and copy id_rsa.pub to my server. there i copy the two lines into
> ~/.ssh/known_hosts. i then restart sshd but i'm still not able to login
> without a password promt, why not? :([/color]

Could be several things... but the most common cause of not
being able to use a key'd login is permissions on the directory
path holding the key. Check your home dir permissions and .ssh
dir permissions. Make sure they are locked down pretty tight.

In general, I don't try to add things into known_hosts. But
if you do, I would think it would be looking for the host key.
Normally (default), the entry will get made the first time you
go to a remote host.
03-18-2008, 12:13 AM
unix

Re: rsa key problem

Chris Cox wrote:
[color=blue]
> On Mon, 2008-03-17 at 22:50 +0000, Ron Eggler wrote:[/color]
[color=blue][color=green]
>> I generate an rsa key with:
>> ssh-keygen -N '' -t rsa -f $HOME/.ssh/id_rsa
>> and copy id_rsa.pub to my server. there i copy the two lines into
>> ~/.ssh/known_hosts. i then restart sshd but i'm still not able to
>> login without a password promt, why not? :([/color]
>
> Could be several things... but the most common cause of not
> being able to use a key'd login is permissions on the directory
> path holding the key.[/color]
[color=blue]
> In general, I don't try to add things into known_hosts. But
> if you do, I would think it would be looking for the host key.[/color]

Make sure the header is correct, e.g.
mymachine.example.com,XXX.XXX.XXX.XXX ssh-rsa QW3twuqXl4vp...

Even an additional space character will mess up the keyless login,
BTDTGNT.

Günther
03-18-2008, 09:47 AM
unix

Re: rsa key problem

Ron Eggler schreef:[color=blue]
> Hi,
>
> I generate an rsa key with:
> ssh-keygen -N '' -t rsa -f $HOME/.ssh/id_rsa
> and copy id_rsa.pub to my server. there i copy the two lines into
> ~/.ssh/known_hosts. i then restart sshd but i'm still not able to login
> without a password promt, why not? :([/color]

You should add your public key to the authorized_keys file not known_host.

prompt> cat id_rsa.pub >> authorized_keys