On Fri, Jan 06, 2006 at 02:07:01PM +0200, Pavlos Parissis wrote: > Hello, > > > Hi, > > > > Thanks for your mail.I have tried to copy .ssh folder from root to the > > users account and the permissions are 600 and the file is owned by the user > > and still i am getting the enter the password. > > OK, you need to run the ssh command with -v argument and send us the output > while you are trying to access the system as root and as user. > Furthermore,send us the sshd_config of the server and /etc/ssh/ssh_config > , the ~.ssh/config from the system which are you using the ssh. > And of course the lines from /var/log/auth for a root login and for a user > login > to see any difference. > > It must be something in the confs or you are doing something wrong > ,it can not be a bug. > > pavlos > You need to run ssh-keygen to generate keys. You then put the public keys into a specific place on each machine.
Run the followng command (indented by one tab only so that you can see it): ssh-keygen -t dsa -b 2048 This generates a key, 2048 bits long and stores it in your home directory in a .ssh subdirectory. If you go to ~/.ssh now, you should see two parts to your key - id_dsa and id_dsa.pub The .pub part is the public key - you can give that to absolutely anyone. The id_dsa should be kept private and the permissions on .ssh are designed to help with that. Also in .ssh run the following commands: touch authorized_keys ; chmod 0600 authorized_keys The trick is that each machine has to see the id_dsa.pub for another machine in the authorized_keys file. The key exchange and authentication relies on being able to use the public key half to authenticate the connection - or it drops back to password authentication. As your user, use scp to copy the keys across. [Call the two machines aardvark and wombat, for example]. In copying the keys across, you're renaming them so you don't end up inadvertently overwriting the id_rsa.pub already on that machine and you know which machine you copied the key from. [On Aardvark] scp ~/.ssh/id_dsa.pub wombat:~/id_dsa.pubAardvark You'll get asked for a password. [On Wombat] scp ~/.ssh/id_dsa.pub aardvark:~/id_dsa.pubWombat You'll get asked for a password. Login to one machine [Wombat]. >From your home directory cat ./id_dsa.pubAardvark >> ~/.ssh/authorized_keys [Appending to the end of the authorized_keys file you just created]. Likewise, on Aardvark cat ./id_dsa.pubWombat >> ~/.ssh/authorized_keys Log off each machine. Now you should be able to login without a password from each machine to the other. Once you're satisfied, delete the id_rsa.pubAardvark and id_rsa.pubWombat files from the home directories. Repeat for other machines as necessary. Secure login and secure transfer of keys: no changing permissions or exposing other than public keys at any stage :) Andy -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]