30 Apr
2006
30 Apr
'06
3:01 p.m.
Hi,
I finnaly found out what was worng ...
In fact I just had to add the identities with ssh-add ... ;)
I've also switched to DSA, ... thanks for the hint !
cu,
kochi
On 4/29/06, Alain Knaff <alain(a)knaff.lu> wrote:
kochi wrote:
Hi,
I'm trying to ssh passwordless from a local to a remote machine (both
debian).
On the local machine I've generated a key and copied it to the remote
machine:
local#ssh-keygen -t rsa -b 2048
local#scp id_rsa.pub remote.machine:/blabla
On the remote machine I have added the key to .ssh/authorized_keys:
remote#cat id_rsa.pub >> .ssh/authorized_keys
Now if I try to ssh the remote machine I'm still asked to enter the
passphrase ...
local# ssh remote.machine
Enter passphrase for key '/root/.ssh/id_rsa':
Have I missed something ?
Maybe the permissions. On some distributions (Fedora, don't know about
Debian), the umask is set such that by default any files created are
group writable. However, if the authorized keys file is group writable,
sshd disregards it for security reasons.
To fix this, chmod 600 .ssh/authorized_keys
Moreover, it is advisable to use DSA instead of RSA (DSA is a more
secure cipher than RSA, and some versions of sshd might actually
disallow RSA for that reason...)
ssh-keygen -t dsa
...
cat id_dsa.pub >>.ssh/authorized_keys2
chmod 600 .ssh/authorized_keys2
Thanks in advance,
yours,
kochi
Regards,
Alain