On 01/27/2011 09:00 AM, Always Learning wrote:
On Thu, 2011-01-27 at 06:57 -0600, David Christensen wrote:
If pw less access is something you prefer use a kerberos based service like FreeIPA/RedhatIPA. No need for ssh keys, and pw aren't stored locally. You can log in as a regular user and sudo su - to root, which can be done during ssh login: ssh -t user@host sudo su -
Thanks David. My problem happened because I wrong prefixed the server's key with id_rsa. Have since changed to DSA keys and everything works well.
Ya sorry I was jumping on the band wagon about not using ssh-keys with the root login or allowing root login at all. Its usually a dir/file permissions thing when it comes to using keys.
You should look into getting away from using ssh-keys unless absolutely necessary and look at centralized authentication/authorization; of course if your env is large enough to warrant it. Kerberos can provide the same sort of password less access as ssh-keys.
Anyway good luck.
David