At Fri, 22 Oct 2010 15:30:03 -0400 CentOS mailing list centos@centos.org wrote:
hmm.. ok then gordon thanks for the input! how do these permissions grab ya?
[bluethundr@LCENT01 ~]$ ls -alh | grep .ssh -rw------- 1 bluethundr summitnjops 70 Oct 17 14:04 .lesshst drwx------ 2 bluethundr summitnjops 512 Oct 22 14:06 .ssh
[bluethundr@LCENT01 ~]$ ls -lah .ssh total 34K drwx------ 2 bluethundr summitnjops 512 Oct 22 14:06 . drwx------ 106 bluethundr summitnjops 5.5K Oct 22 14:44 .. -rw------- 1 bluethundr summitnjops 820 Oct 22 14:19 authorized_keys -rw------- 1 bluethundr summitnjops 1.7K Oct 22 14:18 id_rsa -rw-r--r-- 1 bluethundr summitnjops 403 Oct 22 14:18 id_rsa.pub -rw-r--r-- 1 bluethundr summitnjops 20K Oct 22 14:47 known_hosts [bluethundr@LCENT01 ~]$
as is stands, currently, still not working!
You did copy id_rsa.pub to authorized_keys:
cat .ssh/id_rsa.pub >> .ssh/authorized_keys
???
Also check /etc/ssh/sshd_config an /etc/ssh/ssh_config. These files need to allow public key logins. Also, does /etc/ssh/sshd_config have anything set for AllowUsers and/or AllowGroups? All any/all of the machines in question?
this is what it looks like when I ssh to another host that shares this home directory (and .ssh dir) as the one I am ssh'ing from.
[bluethundr@LCENT01 ~]$ ssh virt1 bluethundr@virt1's password:
I've posted a -vvv version of the ssh session in an attachment.
thanks!
tim
On Fri, Oct 22, 2010 at 3:14 PM, Gordon Messmer yinyang@eburg.com wrote:
On 10/22/2010 11:38 AM, Tim Dunphy wrote:
silly quesion: if I generate an RSA key on an NFS shared home directory, then cat>> it into the .ssh/authorized_keys file in the same location, shouldn't I then be able to ssh into each host that shares the NFS home directory without entering a passphrase (assuming the key doesn't have one)? and assuming the permissions on the authorized_keys file belong to the user with mode 600?
The permissions on the .ssh directory must also be correct. Otherwise, yes. _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos