Re: passwordless ssh login not working
On Fri, Feb 07, 2003 at 10:38:17PM -0700, Tim Ayers wrote:
> When you generate your keys and it asks for a passphrase, just hit
> <enter>. Don't use a passphrase and it won't prompt you for one.
No, that's how I did it. It's not asking for a passphrase, it's asking
for a password, just as if I had no keys.
On Sat, Feb 08, 2003 at 02:34:34AM -0500, sean finney wrote:
> are you sure your sshd_config is configured to allow PubkeyAuthentication?
Yes - here it is (below)
But the main problem seems to be the bit from the ssh -vvv output,
where it says
> > debug3: Not a RSA1 key file /root/.ssh/id_rsa.
(and the same for id_dsa)
Looking in these files, I find they don't look right compared to the
id_?sa.pub files. The .pub files contain "ssh-rsa fv487t509n0etcetcetc=
root@pigeon" all as one long line. The private key files contain
"-----BEGIN RSA PRIVATE KEY-----" followed by the key as 12 separate
lines and an "-----END......" line.
So, I take my text editor to the private key files and change them to
the same format as the public key files. It still doesn't work, but
the error message changes:
debug3: Not a RSA1 key file /root/.ssh/id_rsa.
key_read: uudecode ptu5087509nrounrin975tetcetcetc= root@pigeon
Does that mean anything to anyone?
# Package generated configuration file
# See the sshd(8) manpage for defails
# What ports, IPs and protocols we listen for
# Use these options to restrict which interfaces/protocols sshd will bind to
# HostKeys for protocol version 2
#Privilege Separation is turned on for security
# ...but breaks Pam auth via kbdint, so we have to turn it off
# Use PAM authentication via keyboard-interactive so PAM modules can
# properly interface with the user (off due to PrivSep)
# Lifetime and size of ephemeral version 1 server key
# rhosts authentication should not be used
# Don't read the user's ~/.rhosts and ~/.shosts files
# For this to work you will also need host keys in /etc/ssh_known_hosts
# similar for protocol version 2
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
# To enable empty passwords, change to yes (NOT RECOMMENDED)
# Uncomment to disable s/key passwords
# To disable tunneled clear text passwords, change to no here!
# To change Kerberos options
# Kerberos TGT Passing does only work with the AFS kaserver
Subsystem sftp /usr/lib/sftp-server