All, I have 3 servers. All 3 are CentOS 5.5. All 3 have identical /etc/ssh/sshd_config files. I used ssh-keygen (with no arguments) to generate keys with no password. I then added all 3 id_rsa.pub keys to the authorized_keys file. With this set up, I should be able to ssh between all 3 boxes without needing a password. The problem is that one of the servers keeps asking for a password even with the keys set up.
servera --> serverb No password serverb --> servera No password servera --> serverc Password serverc --> servera No password serverb --> serverc Password serverc --> serverb No password
If they are all identical from an ssh standpoint (at least the authorized_keys, /etc/sshd_config, and UID for the user on all 3 hosts), why will serverc not play nicely with the other 2> Is there something else I should be checking?
Thanks, John
You should check the perms on the dirs, ssh will not allow it use the keys if they are too permissive. So I would check starting at /home
On Mon, Nov 15, 2010 at 1:29 PM, John Kennedy skebi69@gmail.com wrote:
All, I have 3 servers. All 3 are CentOS 5.5. All 3 have identical /etc/ssh/sshd_config files. I used ssh-keygen (with no arguments) to generate keys with no password. I then added all 3 id_rsa.pub keys to the authorized_keys file. With this set up, I should be able to ssh between all 3 boxes without needing a password. The problem is that one of the servers keeps asking for a password even with the keys set up.
servera --> serverb No password serverb --> servera No password servera --> serverc Password serverc --> servera No password serverb --> serverc Password serverc --> serverb No password
If they are all identical from an ssh standpoint (at least the authorized_keys, /etc/sshd_config, and UID for the user on all 3 hosts), why will serverc not play nicely with the other 2> Is there something else I should be checking?
Thanks, John
-- John Kennedy
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Mon, 15 Nov 2010, cliff here wrote:
You should check the perms on the dirs, ssh will not allow it use the keys if they are too permissive. So I would check starting at /home
This is the most likely cause; I'd check there too.
If not,
1. Ensure the file hash is the same (e.g., no extraneous whitespace in the middle of the key) 2. sshd is usually pretty good about writing errors to syslog.
I do believe the perms need to be at 700 for the ./ssh dir and 640 for the actual key files contained.
On Mon, Nov 15, 2010 at 1:45 PM, Paul Heinlein heinlein@madboa.com wrote:
On Mon, 15 Nov 2010, cliff here wrote:
You should check the perms on the dirs, ssh will not allow it use the keys if they are too permissive. So I would check starting at /home
This is the most likely cause; I'd check there too.
If not,
- Ensure the file hash is the same (e.g., no extraneous whitespace in the middle of the key)
- sshd is usually pretty good about writing errors to syslog.
-- Paul Heinlein <> heinlein@madboa.com <> http://www.madboa.com/ _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-
cliff here -
John Kennedy -
Paul Heinlein