| View previous topic :: View next topic |
| Author |
Message |
rek2
Guru
Joined: 05 Jan 2003
Posts: 477
Location: Boston USA/Barcelona Spain
|
 Posted: Sun Feb 22, 2009 11:10 pm Post subject: SSH key auth |
 |
|
Hi guys I been using ssh for a long time and create keys in the pass for no passwd authentification to some servers, but today for some reason Im trying to add my home key to my servers using ssh-keyinstall, after is done I *still* get promp for the passwd.. but other key from work still works fine..
if I erase the authorized file and redo my home key install with out my work one been there before then it works.... this is very odd..
anyone have an idea of what im doing wrong?
Thanks
_________________
http://www.dailyradical.org
http://www.binaryfreedom.info
use jabber!!! sing on now, register an account:
http://jabber.binaryfreedom.info |
|
| Back to top |
|
 |
Bones McCracker
Veteran
Joined: 14 Mar 2006
Posts: 1611
Location: U.S.A.
|
| Posted: Mon Feb 23, 2009 1:58 am Post subject: |
|
|
I assume you are using terminology properly, and that you are being prompted for a "password" by the server (and not a "passphrase" by the client).
If, on the server, you have enabled public key authentication and disabled password authentication, this cannot occur. If password authentication is disabled, the server will not prompt for a password. (The client may prompt for the "passphrase" corresponding to the private key, but you should never receive a prompt from the server for the user "password" corresponding to the remote account.)
If, on the server you have enabled public key authentication and also left password authentication enabled, then public key authentication should be preferred over password authentication, and you should not receive a "password" prompt from the server except in cases where there is not a valid public key registered for the connecting identity. To be valid, the key must be of the proper type and stored intact in the user's "authorized keys" file. Note, however, that even when an identity's public key is stored on the server as "authorized", the client will prompt its user for the "passphrase" to the corresponding private key (unless the corresponding private key has an empty passphrase).
Bottom line:
If you created your key with an empty passphrase, stored the public key on the server as an "authorized key", and have not disabled public key authentication on the server, then you should not be getting prompted. If you are, I suggest you verify that they key was created with a blank passphrase and check your other settings. |
|
| Back to top |
|
|
slackline
Veteran
Joined: 01 Apr 2005
Posts: 1477
Location: /uk/sheffield
|
| Posted: Mon Feb 23, 2009 7:33 am Post subject: |
|
|
Are you using keychain?
_________________
"Science is what we understand well enough to explain to a computer. Art is everything else we do." - Donald Knuth |
|
| Back to top |
|
|
Hu
Administrator
Joined: 06 Mar 2007
Posts: 23701
|
| Posted: Tue Feb 24, 2009 4:18 am Post subject: |
|
|
| Keychain is not required for this. BoneKracker makes some good suggestions. If you are not familiar with the server configuration, you may be able to debug the problem by using the -v option to ssh to make it explain the choices it makes. The option PasswordAuthentication no in the ssh config file may be useful if you know that you never want to use a password with the server. This will cause the client to skip asking for a password, and fail if none of the other methods allow it to authenticate. |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
