If pw less access is something you prefer use a kerberos based service like FreeIPA/RedhatIPA. No need for ssh keys, and pw aren't stored locally. You can log in as a regular user and sudo su - to root, which can be done during ssh login: ssh -t user@host sudo su -
David On Jan 27, 2011, at 1:35 AM, Cameron Kerr <came...@humbledown.org> wrote: > > On 27/01/2011, at 7:45 PM, Always Learning wrote: > >> Hallo, >> >> I wanted to avoid typing-in my password every occasion I remotely >> logged-on to a server. >> >> I created my SSH keys and copied the public part to the server and >> renamed it authorized_keys. > > >> --------------------------------------------- >> >> server /root/.ssh >> >> id_rsa.authorized_keys -rw-------- >> >> -------------------------------------------- > > Your ~/.ssh/authorized_keys needs to be readable by sshd, your permissions on > it are too restrictive (typically, this should be 0644) > > Also, it should be named authorized_keys, not id_rsa.authorized_keys > > PS. Coming from a background in other distributions, I find it disturbing > that Centos ships with allow_root_login defaulting to yes. If you really need > this, ensure that you also restrict access from where people can log in, > consider employing dynamic banning, and harden your sshd_config (which, oddly > enough, you didn't post). > > PPS. When diagnosing such faults, it can be useful to run the sshd (ie. the > server process) in debugging mode, although this would generally require the > server to be temporarily disabled so it can be started in debugging mode. > _______________________________________________ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
