[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ssh into a webserver on a shared host


On Thu, May 29, 2003 at 07:58:37AM +0200, Nico Meijer wrote......

> Hi Kevin,
> 
> > When I generate the publickey on the home box, it generates a key for
> > kevin@homebox. I can upload this to the SSH server (host), but
> > automatic signin obviously isn't going to happen.
> 
> Create a pair of keys (ssh-keygen -t dsa) without passphrase, copy that
> to the host in question with scp (scp .ssh/id_dsa.pub
> remoteuser@remotehost:.ssh/lusername), ssh into the host and append the
> key (in file .ssh/lusername) to .ssh/authorized_keys2.

I did this explicitly.  I also did it via ssh-copy-id per the post from
Colin, which is a nice little utility.

> On the workstation, edit .ssh/config, add:
> 
> host remotehost
>      user remoteuser

I did this as well, which cleared up my problem with user names.
Thanks.
 
> and you're done. Beware of "StrictModes" at the shared host, btw.

I checked the /etc/ssh/ssh_config on the host, and it has
StrictHostKeyChecking ask but it is commented out, so I presume the
default is ask.  There was no entry for simply 'StrictModes' although I
did see references to that in a google search.

> Using the same usernames on both sides is at best convenient, but
> probably more trouble than it's worth.

So the username problem is solved, and the id_dsa.pub key that I
generated on my workstn and copied to the .ssh/authorized_keys file on
the host was completed, and I also ran 'ssh-add' on my workstn to load
the public keys, yet when I 'ssh justdogs.com' I still get prompted for
the password of the user on the host.  What am I missing?  (a snippet of
the -v output is appended below).

Many thanks
Kevin

--------------- snippet of ssh -v justdogs.org ------------------
debug1: Connection established.
debug1: identity file /home/kevin/.ssh/identity type -1
debug1: identity file /home/kevin/.ssh/id_rsa type 1
debug1: identity file /home/kevin/.ssh/id_dsa type 2
debug1: Remote protocol version 1.99, remote software version
OpenSSH_3.1p1
debug1: match: OpenSSH_3.1p1 pat OpenSSH_2.*,OpenSSH_3.0*,OpenSSH_3.1*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.6.1p2 Debian 1:3.6.1p2-2
...
debug1: Found key in /home/kevin/.ssh/known_hosts:11
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering agent key: /home/kevin/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Offering agent key: /home/kevin/.ssh/id_dsa
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/kevin/.ssh/identity
debug1: Offering public key: /home/kevin/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Offering public key: /home/kevin/.ssh/id_dsa
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: password

-----------------------------------------------------------------
-- 
Kevin Coyner
mailto: kevin@rustybear.com
GnuPG key: 1024D/8CE11941
Reply to: