Hmm, publickey seems to be allowed. Well, as the last resort, I'd suggest to
make sure that your public key and the one in the ~/.ssh/authorized_keys are
actually identical.
On 7/1/09 11:09 PM, fred wang wrote:
sorry, should incopy ssh_config(instead of sshd_config)
vi /etc/ssh/ssh_config
# 1. command line options
# 2. user-specific file
# 3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.
# Site-wide defaults for some commonly used options. For a comprehensive
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.
Host *
# ForwardAgent no
# ForwardX11 no
# ForwardX11Trusted yes
# RhostsRSAAuthentication no
# RSAAuthentication yes
# PasswordAuthentication yes
# HostbasedAuthentication no
# GSSAPIAuthentication no
# GSSAPIDelegateCredentials no
# GSSAPIKeyExchange no
# GSSAPITrustDNS no
# BatchMode no
# CheckHostIP yes
# AddressFamily any
# ConnectTimeout 0
# StrictHostKeyChecking ask
# IdentityFile ~/.ssh/identity
# IdentityFile ~/.ssh/id_rsa
# IdentityFile ~/.ssh/id_dsa
# Port 22
# Protocol 2,1
# Cipher 3des
# Ciphers
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
# MACs hmac-md5,hmac-sha1,[email protected],hmac-ripemd160
# EscapeChar ~
# Tunnel no
# TunnelDevice any:any
# PermitLocalCommand no
SendEnv LANG LC_*
HashKnownHosts yes
GSSAPIAuthentication yes
GSSAPIDelegateCredentials no
On Thu, Jul 2, 2009 at 1:51 PM, fred wang<[email protected]> wrote:
Here is the output of ssh -v localhost and the configuration of
ssh_config,
x...@xxx-desktop:~$ ssh -v localhost
OpenSSH_4.7p1 Debian-8ubuntu1.2, OpenSSL 0.9.8g 19 Oct 2007
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
debug1: identity file /home/xxx/.ssh/identity type -1
debug1: identity file /home/xxx/.ssh/id_rsa type -1
debug1: identity file /home/xxx/.ssh/id_dsa type 2
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.7p1
Debian-8ubuntu1.2
debug1: match: OpenSSH_4.7p1 Debian-8ubuntu1.2 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1.2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'localhost' is known and matches the RSA host key.
debug1: Found key in /home/xxx/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/xxx/.ssh/identity
debug1: Trying private key: /home/xxx/.ssh/id_rsa
debug1: Offering public key: /home/xxx/.ssh/id_dsa
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: password
x...@localhost's password:
x...@xxx:~$ vi /etc/ssh/sshd_config
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
#UseLogin no
#MaxStartups 10:30:60
#Banner /etc/issue.net
# Allow client to pass locale environment variables
AcceptEnv LANG LC_*
Subsystem sftp /usr/lib/openssh/sftp-server
UsePAM yes
On Thu, Jul 2, 2009 at 1:18 PM, Konstantin Boudnik<[email protected]>wrote:
Yet another possibility is that your SSH daemon isn't configured to accept
publickey as a valid authorization mean.
Try to do ssh -v localhost and check if there's something similar to the
following:
debug1: Authentications that can continue:
publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /home/xxx/.ssh/identity
debug1: Trying private key: /home/xxx/.ssh/id_rsa
debug1: Offering public key: /home/xxx/.ssh/id_dsa
debug1: Server accepts key: pkalg ssh-dss blen 435
debug1: read PEM private key done: type DSA
debug1: Authentication succeeded (publickey).
Cos
On 7/1/09 10:11 PM, fred wang wrote:
I have setup ./.ssh/authorized keys has permssion 600, but it didn't
work.
Thanks anyway
ls -l .ssh/authorized_keys
-rw------- 1 xxx xxx 1222 2009-07-02 13:08 .ssh/authorized_keys
On Thu, Jul 2, 2009 at 12:15 AM, Konstantin Boudnik<[email protected]
wrote:
Make sure that your ~/.ssh/authorized_keys has permissions 600
Cos
On 7/1/09 7:35 AM, fred wang wrote:
Hi all,
I failed to setup passphraseless ssh(I mean, I still need to input
password to do ssh localhost) when I tried to configure Hadoop to run
on
psuedo-distributed operation, could anyone help me solve this issue?
Thanks!
(1)I use the Putty0.6 to remote access to Ubuntu by SSH.
(2) execution steps and ouput
$ ssh-keygen -t dsa -P '' -f ~/.ssh/id_dsa
Generating public/private dsa key pair.
Your identification has been saved in /home/xxx/.ssh/id_dsa.
Your public key has been saved in /home/xxx/.ssh/id_dsa.pub.
The key fingerprint is:
a9:39:4c:9b:22:f9:a4:77:70:24:fa:bf:12:f5:81:81 xxx
**note: it doesn't have message 'Enter passphrase (empty for no
passphrase):
Enter same passphrase again: ' which appear in some introductory
paper.
"
$ cat ~/.ssh/id_dsa.pub>> ~/.ssh/authorized_keys
no output
$ ssh localhost
The authenticity of host 'localhost (127.0.0.1)' can't be established.
RSA key fingerprint is 4f:a1:ff:ed:0c:46:3e:a9:8c:97:bc:b7:46:3e:35:d2.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (RSA) to the list of known
hosts.
x...@localhost's password:
