it doesn't work.. On Fri, Jul 3, 2009 at 10:45 PM, tim robertson <[email protected]>wrote:
> This seemed to me to be a good resource (e.g. it worked for me): > http://fak3r.com/2006/08/10/howto-passwordless-ssh-logins/ > > Tim > > > On Fri, Jul 3, 2009 at 4:31 PM, fred wang<[email protected]> wrote: > > I remove the ~/.ssh and regenerate the key and it seems I still need to > > provide password when I ssh localhost. Thank you very much even it > couldn't > > be fixed finally. > > > > But I found there is some warning information: > > > > ssh localhost > > > > The authenticity of host 'localhost (127.0.0.1)' can't be established. > > > > RSA key fingerprint is 4f:a1:ff:ed:0c:46:3e:a9:8c:97:bc:b7:46:3e:35:d2. > > > > Are you sure you want to continue connecting (yes/no)? yes > > > > Warning: Permanently added 'localhost' (RSA) to the list of known hosts. > > > > > > On 7/1/09 11:09 PM, fred wang wrote: > > > >> sorry, should incopy ssh_config(instead of sshd_config) > >>> > >>> > >>> vi /etc/ssh/ssh_config > >>> > >>> # 1. command line options > >>> > >>> # 2. user-specific file > >>> > >>> # 3. system-wide file > >>> > >>> # Any configuration value is only changed the first time it is set. > >>> > >>> # Thus, host-specific definitions should be at the beginning of the > >>> > >>> # configuration file, and defaults at the end. > >>> > >>> > >>> > >>> # Site-wide defaults for some commonly used options. For a > comprehensive > >>> > >>> # list of available options, their meanings and defaults, please see > the > >>> > >>> # ssh_config(5) man page. > >>> > >>> > >>> > >>> Host * > >>> > >>> # ForwardAgent no > >>> > >>> # ForwardX11 no > >>> > >>> # ForwardX11Trusted yes > >>> > >>> # RhostsRSAAuthentication no > >>> > >>> # RSAAuthentication yes > >>> > >>> # PasswordAuthentication yes > >>> > >>> # HostbasedAuthentication no > >>> > >>> # GSSAPIAuthentication no > >>> > >>> # GSSAPIDelegateCredentials no > >>> > >>> # GSSAPIKeyExchange no > >>> > >>> # GSSAPITrustDNS no > >>> > >>> # BatchMode no > >>> > >>> # CheckHostIP yes > >>> > >>> # AddressFamily any > >>> > >>> # ConnectTimeout 0 > >>> > >>> # StrictHostKeyChecking ask > >>> > >>> # IdentityFile ~/.ssh/identity > >>> > >>> # IdentityFile ~/.ssh/id_rsa > >>> > >>> # IdentityFile ~/.ssh/id_dsa > >>> > >>> # Port 22 > >>> > >>> # Protocol 2,1 > >>> > >>> # Cipher 3des > >>> > >>> # Ciphers > >>> > aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc > >>> > >>> # MACs hmac-md5,hmac-sha1,[email protected],hmac-ripemd160 > >>> > >>> # EscapeChar ~ > >>> > >>> # Tunnel no > >>> > >>> # TunnelDevice any:any > >>> > >>> # PermitLocalCommand no > >>> > >>> SendEnv LANG LC_* > >>> > >>> HashKnownHosts yes > >>> > >>> GSSAPIAuthentication yes > >>> > >>> GSSAPIDelegateCredentials no > >>> > >>> > >>> On Thu, Jul 2, 2009 at 1:51 PM, fred wang<[email protected]> > wrote: > >>> > >>> Here is the output of ssh -v localhost and the configuration of > >>>> ssh_config, > >>>> > >>>> x...@xxx-desktop:~$ ssh -v localhost > >>>> > >>>> OpenSSH_4.7p1 Debian-8ubuntu1.2, OpenSSL 0.9.8g 19 Oct 2007 > >>>> > >>>> debug1: Reading configuration data /etc/ssh/ssh_config > >>>> > >>>> debug1: Applying options for * > >>>> > >>>> debug1: Connecting to localhost [127.0.0.1] port 22. > >>>> > >>>> debug1: Connection established. > >>>> > >>>> debug1: identity file /home/xxx/.ssh/identity type -1 > >>>> > >>>> debug1: identity file /home/xxx/.ssh/id_rsa type -1 > >>>> > >>>> debug1: identity file /home/xxx/.ssh/id_dsa type 2 > >>>> > >>>> debug1: Remote protocol version 2.0, remote software version > >>>> OpenSSH_4.7p1 > >>>> Debian-8ubuntu1.2 > >>>> > >>>> debug1: match: OpenSSH_4.7p1 Debian-8ubuntu1.2 pat OpenSSH* > >>>> > >>>> debug1: Enabling compatibility mode for protocol 2.0 > >>>> > >>>> debug1: Local version string SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1.2 > >>>> > >>>> debug1: SSH2_MSG_KEXINIT sent > >>>> > >>>> debug1: SSH2_MSG_KEXINIT received > >>>> > >>>> debug1: kex: server->client aes128-cbc hmac-md5 none > >>>> > >>>> debug1: kex: client->server aes128-cbc hmac-md5 none > >>>> > >>>> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent > >>>> > >>>> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP > >>>> > >>>> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent > >>>> > >>>> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY > >>>> > >>>> debug1: Host 'localhost' is known and matches the RSA host key. > >>>> > >>>> debug1: Found key in /home/xxx/.ssh/known_hosts:1 > >>>> > >>>> debug1: ssh_rsa_verify: signature correct > >>>> > >>>> debug1: SSH2_MSG_NEWKEYS sent > >>>> > >>>> debug1: expecting SSH2_MSG_NEWKEYS > >>>> > >>>> debug1: SSH2_MSG_NEWKEYS received > >>>> > >>>> debug1: SSH2_MSG_SERVICE_REQUEST sent > >>>> > >>>> debug1: SSH2_MSG_SERVICE_ACCEPT received > >>>> > >>>> debug1: Authentications that can continue: publickey,password > >>>> > >>>> debug1: Next authentication method: publickey > >>>> > >>>> debug1: Trying private key: /home/xxx/.ssh/identity > >>>> > >>>> debug1: Trying private key: /home/xxx/.ssh/id_rsa > >>>> > >>>> debug1: Offering public key: /home/xxx/.ssh/id_dsa > >>>> > >>>> debug1: Authentications that can continue: publickey,password > >>>> > >>>> debug1: Next authentication method: password > >>>> > >>>> x...@localhost's password: > >>>> > >>>> > >>>> > >>>> > >>>> > >>>> > >>>> > >>>> x...@xxx:~$ vi /etc/ssh/sshd_config > >>>> > >>>> #KerberosOrLocalPasswd yes > >>>> > >>>> #KerberosTicketCleanup yes > >>>> > >>>> > >>>> > >>>> # GSSAPI options > >>>> > >>>> #GSSAPIAuthentication no > >>>> > >>>> #GSSAPICleanupCredentials yes > >>>> > >>>> > >>>> > >>>> X11Forwarding yes > >>>> > >>>> X11DisplayOffset 10 > >>>> > >>>> PrintMotd no > >>>> > >>>> PrintLastLog yes > >>>> > >>>> TCPKeepAlive yes > >>>> > >>>> #UseLogin no > >>>> > >>>> > >>>> > >>>> #MaxStartups 10:30:60 > >>>> > >>>> #Banner /etc/issue.net > >>>> > >>>> > >>>> > >>>> # Allow client to pass locale environment variables > >>>> > >>>> AcceptEnv LANG LC_* > >>>> > >>>> > >>>> > >>>> Subsystem sftp /usr/lib/openssh/sftp-server > >>>> > >>>> > >>>> > >>>> UsePAM yes > >>>> > >>>> > >>>> > >>>> On Thu, Jul 2, 2009 at 1:18 PM, Konstantin Boudnik<[email protected] > >>>> >wrote: > >>>> > >>>> Yet another possibility is that your SSH daemon isn't configured to > >>>>> accept > >>>>> publickey as a valid authorization mean. > >>>>> > >>>>> Try to do ssh -v localhost and check if there's something similar to > the > >>>>> following: > >>>>> > >>>>> debug1: Authentications that can continue: > >>>>> publickey,password,keyboard-interactive > >>>>> debug1: Next authentication method: publickey > >>>>> debug1: Trying private key: /home/xxx/.ssh/identity > >>>>> debug1: Trying private key: /home/xxx/.ssh/id_rsa > >>>>> debug1: Offering public key: /home/xxx/.ssh/id_dsa > >>>>> debug1: Server accepts key: pkalg ssh-dss blen 435 > >>>>> debug1: read PEM private key done: type DSA > >>>>> debug1: Authentication succeeded (publickey). > >>>>> > >>>>> Cos > >>>>> > >>>>> > >>>>> On 7/1/09 10:11 PM, fred wang wrote: > >>>>> > >>>>> I have setup ./.ssh/authorized keys has permssion 600, but it didn't > >>>>>> work. > >>>>>> Thanks anyway > >>>>>> > >>>>>> ls -l .ssh/authorized_keys > >>>>>> -rw------- 1 xxx xxx 1222 2009-07-02 13:08 .ssh/authorized_keys > >>>>>> > >>>>>> On Thu, Jul 2, 2009 at 12:15 AM, Konstantin Boudnik< > [email protected] > >>>>>> > >>>>>>> wrote: > >>>>>>> > >>>>>> Make sure that your ~/.ssh/authorized_keys has permissions 600 > >>>>>> > >>>>>>> Cos > >>>>>>> > >>>>>>> > >>>>>>> On 7/1/09 7:35 AM, fred wang wrote: > >>>>>>> > >>>>>>> Hi all, > >>>>>>> > >>>>>>>> I failed to setup passphraseless ssh(I mean, I still need to > input > >>>>>>>> password to do ssh localhost) when I tried to configure Hadoop to > run > >>>>>>>> on > >>>>>>>> psuedo-distributed operation, could anyone help me solve this > issue? > >>>>>>>> Thanks! > >>>>>>>> > >>>>>>>> (1)I use the Putty0.6 to remote access to Ubuntu by SSH. > >>>>>>>> > >>>>>>>> (2) execution steps and ouput > >>>>>>>> > >>>>>>>> $ ssh-keygen -t dsa -P '' -f ~/.ssh/id_dsa > >>>>>>>> Generating public/private dsa key pair. > >>>>>>>> Your identification has been saved in /home/xxx/.ssh/id_dsa. > >>>>>>>> Your public key has been saved in /home/xxx/.ssh/id_dsa.pub. > >>>>>>>> The key fingerprint is: > >>>>>>>> a9:39:4c:9b:22:f9:a4:77:70:24:fa:bf:12:f5:81:81 xxx > >>>>>>>> > >>>>>>>> > >>>>>>>> **note: it doesn't have message 'Enter passphrase (empty for no > >>>>>>>> passphrase): > >>>>>>>> Enter same passphrase again: ' which appear in some > introductory > >>>>>>>> paper. > >>>>>>>> " > >>>>>>>> > >>>>>>>> $ cat ~/.ssh/id_dsa.pub>> ~/.ssh/authorized_keys > >>>>>>>> no output > >>>>>>>> > >>>>>>>> $ ssh localhost > >>>>>>>> The authenticity of host 'localhost (127.0.0.1)' can't be > >>>>>>>> established. > >>>>>>>> RSA key fingerprint is > >>>>>>>> 4f:a1:ff:ed:0c:46:3e:a9:8c:97:bc:b7:46:3e:35:d2. > >>>>>>>> Are you sure you want to continue connecting (yes/no)? yes > >>>>>>>> Warning: Permanently added 'localhost' (RSA) to the list of known > >>>>>>>> hosts. > >>>>>>>> x...@localhost's password: > >>>>>>>> > >>>>>>>> > >>>>>>>> > > >
