I remove the ~/.ssh and regenerate the key and it seems I still need to provide password when I ssh localhost. Thank you very much even it couldn't be fixed finally.
But I found there is some warning information: ssh localhost The authenticity of host 'localhost (127.0.0.1)' can't be established. RSA key fingerprint is 4f:a1:ff:ed:0c:46:3e:a9:8c:97:bc:b7:46:3e:35:d2. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'localhost' (RSA) to the list of known hosts. On 7/1/09 11:09 PM, fred wang wrote: > sorry, should incopy ssh_config(instead of sshd_config) >> >> >> vi /etc/ssh/ssh_config >> >> # 1. command line options >> >> # 2. user-specific file >> >> # 3. system-wide file >> >> # Any configuration value is only changed the first time it is set. >> >> # Thus, host-specific definitions should be at the beginning of the >> >> # configuration file, and defaults at the end. >> >> >> >> # Site-wide defaults for some commonly used options. For a comprehensive >> >> # list of available options, their meanings and defaults, please see the >> >> # ssh_config(5) man page. >> >> >> >> Host * >> >> # ForwardAgent no >> >> # ForwardX11 no >> >> # ForwardX11Trusted yes >> >> # RhostsRSAAuthentication no >> >> # RSAAuthentication yes >> >> # PasswordAuthentication yes >> >> # HostbasedAuthentication no >> >> # GSSAPIAuthentication no >> >> # GSSAPIDelegateCredentials no >> >> # GSSAPIKeyExchange no >> >> # GSSAPITrustDNS no >> >> # BatchMode no >> >> # CheckHostIP yes >> >> # AddressFamily any >> >> # ConnectTimeout 0 >> >> # StrictHostKeyChecking ask >> >> # IdentityFile ~/.ssh/identity >> >> # IdentityFile ~/.ssh/id_rsa >> >> # IdentityFile ~/.ssh/id_dsa >> >> # Port 22 >> >> # Protocol 2,1 >> >> # Cipher 3des >> >> # Ciphers >> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc >> >> # MACs hmac-md5,hmac-sha1,[email protected],hmac-ripemd160 >> >> # EscapeChar ~ >> >> # Tunnel no >> >> # TunnelDevice any:any >> >> # PermitLocalCommand no >> >> SendEnv LANG LC_* >> >> HashKnownHosts yes >> >> GSSAPIAuthentication yes >> >> GSSAPIDelegateCredentials no >> >> >> On Thu, Jul 2, 2009 at 1:51 PM, fred wang<[email protected]> wrote: >> >> Here is the output of ssh -v localhost and the configuration of >>> ssh_config, >>> >>> x...@xxx-desktop:~$ ssh -v localhost >>> >>> OpenSSH_4.7p1 Debian-8ubuntu1.2, OpenSSL 0.9.8g 19 Oct 2007 >>> >>> debug1: Reading configuration data /etc/ssh/ssh_config >>> >>> debug1: Applying options for * >>> >>> debug1: Connecting to localhost [127.0.0.1] port 22. >>> >>> debug1: Connection established. >>> >>> debug1: identity file /home/xxx/.ssh/identity type -1 >>> >>> debug1: identity file /home/xxx/.ssh/id_rsa type -1 >>> >>> debug1: identity file /home/xxx/.ssh/id_dsa type 2 >>> >>> debug1: Remote protocol version 2.0, remote software version >>> OpenSSH_4.7p1 >>> Debian-8ubuntu1.2 >>> >>> debug1: match: OpenSSH_4.7p1 Debian-8ubuntu1.2 pat OpenSSH* >>> >>> debug1: Enabling compatibility mode for protocol 2.0 >>> >>> debug1: Local version string SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1.2 >>> >>> debug1: SSH2_MSG_KEXINIT sent >>> >>> debug1: SSH2_MSG_KEXINIT received >>> >>> debug1: kex: server->client aes128-cbc hmac-md5 none >>> >>> debug1: kex: client->server aes128-cbc hmac-md5 none >>> >>> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent >>> >>> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP >>> >>> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent >>> >>> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY >>> >>> debug1: Host 'localhost' is known and matches the RSA host key. >>> >>> debug1: Found key in /home/xxx/.ssh/known_hosts:1 >>> >>> debug1: ssh_rsa_verify: signature correct >>> >>> debug1: SSH2_MSG_NEWKEYS sent >>> >>> debug1: expecting SSH2_MSG_NEWKEYS >>> >>> debug1: SSH2_MSG_NEWKEYS received >>> >>> debug1: SSH2_MSG_SERVICE_REQUEST sent >>> >>> debug1: SSH2_MSG_SERVICE_ACCEPT received >>> >>> debug1: Authentications that can continue: publickey,password >>> >>> debug1: Next authentication method: publickey >>> >>> debug1: Trying private key: /home/xxx/.ssh/identity >>> >>> debug1: Trying private key: /home/xxx/.ssh/id_rsa >>> >>> debug1: Offering public key: /home/xxx/.ssh/id_dsa >>> >>> debug1: Authentications that can continue: publickey,password >>> >>> debug1: Next authentication method: password >>> >>> x...@localhost's password: >>> >>> >>> >>> >>> >>> >>> >>> x...@xxx:~$ vi /etc/ssh/sshd_config >>> >>> #KerberosOrLocalPasswd yes >>> >>> #KerberosTicketCleanup yes >>> >>> >>> >>> # GSSAPI options >>> >>> #GSSAPIAuthentication no >>> >>> #GSSAPICleanupCredentials yes >>> >>> >>> >>> X11Forwarding yes >>> >>> X11DisplayOffset 10 >>> >>> PrintMotd no >>> >>> PrintLastLog yes >>> >>> TCPKeepAlive yes >>> >>> #UseLogin no >>> >>> >>> >>> #MaxStartups 10:30:60 >>> >>> #Banner /etc/issue.net >>> >>> >>> >>> # Allow client to pass locale environment variables >>> >>> AcceptEnv LANG LC_* >>> >>> >>> >>> Subsystem sftp /usr/lib/openssh/sftp-server >>> >>> >>> >>> UsePAM yes >>> >>> >>> >>> On Thu, Jul 2, 2009 at 1:18 PM, Konstantin Boudnik<[email protected] >>> >wrote: >>> >>> Yet another possibility is that your SSH daemon isn't configured to >>>> accept >>>> publickey as a valid authorization mean. >>>> >>>> Try to do ssh -v localhost and check if there's something similar to the >>>> following: >>>> >>>> debug1: Authentications that can continue: >>>> publickey,password,keyboard-interactive >>>> debug1: Next authentication method: publickey >>>> debug1: Trying private key: /home/xxx/.ssh/identity >>>> debug1: Trying private key: /home/xxx/.ssh/id_rsa >>>> debug1: Offering public key: /home/xxx/.ssh/id_dsa >>>> debug1: Server accepts key: pkalg ssh-dss blen 435 >>>> debug1: read PEM private key done: type DSA >>>> debug1: Authentication succeeded (publickey). >>>> >>>> Cos >>>> >>>> >>>> On 7/1/09 10:11 PM, fred wang wrote: >>>> >>>> I have setup ./.ssh/authorized keys has permssion 600, but it didn't >>>>> work. >>>>> Thanks anyway >>>>> >>>>> ls -l .ssh/authorized_keys >>>>> -rw------- 1 xxx xxx 1222 2009-07-02 13:08 .ssh/authorized_keys >>>>> >>>>> On Thu, Jul 2, 2009 at 12:15 AM, Konstantin Boudnik<[email protected] >>>>> >>>>>> wrote: >>>>>> >>>>> Make sure that your ~/.ssh/authorized_keys has permissions 600 >>>>> >>>>>> Cos >>>>>> >>>>>> >>>>>> On 7/1/09 7:35 AM, fred wang wrote: >>>>>> >>>>>> Hi all, >>>>>> >>>>>>> I failed to setup passphraseless ssh(I mean, I still need to input >>>>>>> password to do ssh localhost) when I tried to configure Hadoop to run >>>>>>> on >>>>>>> psuedo-distributed operation, could anyone help me solve this issue? >>>>>>> Thanks! >>>>>>> >>>>>>> (1)I use the Putty0.6 to remote access to Ubuntu by SSH. >>>>>>> >>>>>>> (2) execution steps and ouput >>>>>>> >>>>>>> $ ssh-keygen -t dsa -P '' -f ~/.ssh/id_dsa >>>>>>> Generating public/private dsa key pair. >>>>>>> Your identification has been saved in /home/xxx/.ssh/id_dsa. >>>>>>> Your public key has been saved in /home/xxx/.ssh/id_dsa.pub. >>>>>>> The key fingerprint is: >>>>>>> a9:39:4c:9b:22:f9:a4:77:70:24:fa:bf:12:f5:81:81 xxx >>>>>>> >>>>>>> >>>>>>> **note: it doesn't have message 'Enter passphrase (empty for no >>>>>>> passphrase): >>>>>>> Enter same passphrase again: ' which appear in some introductory >>>>>>> paper. >>>>>>> " >>>>>>> >>>>>>> $ cat ~/.ssh/id_dsa.pub>> ~/.ssh/authorized_keys >>>>>>> no output >>>>>>> >>>>>>> $ ssh localhost >>>>>>> The authenticity of host 'localhost (127.0.0.1)' can't be >>>>>>> established. >>>>>>> RSA key fingerprint is >>>>>>> 4f:a1:ff:ed:0c:46:3e:a9:8c:97:bc:b7:46:3e:35:d2. >>>>>>> Are you sure you want to continue connecting (yes/no)? yes >>>>>>> Warning: Permanently added 'localhost' (RSA) to the list of known >>>>>>> hosts. >>>>>>> x...@localhost's password: >>>>>>> >>>>>>> >>>>>>>
