Ask Your Question
0

Issue with SSH

asked 2014-03-20 23:14:15 -0500

Gaurav Dighe gravatar image

I have generated SSH key and copied it to authorized_keys. Even after doing that, it asks me for password everytime. Please suggest

edit retag flag offensive close merge delete

Comments

What does the output of ssh -v <host> say?

QuLogic gravatar imageQuLogic ( 2014-03-20 23:33:31 -0500 )edit

You do have the key on both the client and the server, don't you? @QuLogic is right, though, ssh -v will show what steps the ssh tool is taking during connect and should show what is wrong.

cobra gravatar imagecobra ( 2014-03-21 04:31:48 -0500 )edit

gaurav@techsavy ~$ ssh -v localhost OpenSSH_6.4, OpenSSL 1.0.1e-fips 11 Feb 2013 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 51: Applying options for * debug1: Connecting to localhost [127.0.0.1] port 22. debug1: Connection established. debug1: identity file /home/gaurav/.ssh/id_rsa type 1 debug1: identity file /home/gaurav/.ssh/id_rsa-cert type -1 debug1: identity file /home/gaurav/.ssh/id_dsa type -1 debug1: identity file /home/gaurav/.ssh/id_dsa-cert type -1 debug1: identity file /home/gaurav/.ssh/id_ecdsa type -1 debug1: identity file /home/gaurav/.ssh/id_ecdsa-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.4 debug1: Remote protocol version 2.0, remote software version OpenSSH_6.4 debug1: match: OpenSSH_6.4 pat OpenSSH* debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5-etm@openssh.com none debug1: kex: client->server aes128-ctr hmac-md5-etm ...(more)

Gaurav Dighe gravatar imageGaurav Dighe ( 2014-03-26 01:14:11 -0500 )edit

What exactly did you copy to the authorized_keys file?

QuLogic gravatar imageQuLogic ( 2014-03-26 11:35:05 -0500 )edit

3 Answers

Sort by ยป oldest newest most voted
0

answered 2014-03-27 00:36:47 -0500

updated 2014-03-27 00:38:48 -0500

Here's the process:

  1. Create a key with ssh-keygen

  2. Copy the key to the target authorized-keys

ssh-copy-id -i ~/.ssh/new key.pub $target_host

  1. If you have multiple keys, you can exceed the retry limit before the correct one is attempted. Avoid this with an appropriate ~/.ssh/config

Host * IdentitiesOnly yes
Host $ttarget_host IdentityFile ~/.ssh/new_key

edit flag offensive delete link more
0

answered 2014-03-23 06:15:26 -0500

bluestar gravatar image

updated 2014-03-26 15:37:28 -0500

In /etc/ssh/sshd_config there is a line

...
#PubkeyAuthentication yes
...

Remove the # and check if the word behind says 'yes' and restart sshd (sudo systemctl restart sshd.service)

edit flag offensive delete link more

Comments

It didn't helped

Gaurav Dighe gravatar imageGaurav Dighe ( 2014-03-26 01:12:42 -0500 )edit

@bluestar: The commented values in that file are the default values, so since it says 'yes' there, it should be enabled by default.

QuLogic gravatar imageQuLogic ( 2014-03-26 11:34:12 -0500 )edit

Thank you for your comment. I thought maybe I changed it to yes manually. I will edit the answer to reflect what I meant. Nonetheless, apparently it didn't help.

bluestar gravatar imagebluestar ( 2014-03-26 15:36:20 -0500 )edit
0

answered 2014-03-21 07:59:44 -0500

domg gravatar image

updated 2014-03-21 08:00:05 -0500

see if this helps:

restorecon -R -v ~/.ssh

chmod 0700 ~/.ssh

chmod 0600 ~/.ssh/authorized_keys

A common problem is that the permission bits set inappropriately

edit flag offensive delete link more

Comments

No it didn't helped

Gaurav Dighe gravatar imageGaurav Dighe ( 2014-03-26 01:12:59 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2014-03-20 23:14:15 -0500

Seen: 1,315 times

Last updated: Mar 27 '14