On 03/07/2012 10:39 PM, LLLActive@GMX.Net pecked at the keyboard and wrote:
Hi all,
I've done the following procedure to get a passwordless login on a remote server:
as root:
$ ssh-keygen Enter file in which to save the key (/home/your_user/.ssh/id_rsa): <Enter> Enter passphrase (empty for no passphrase): <Enter> Enter same passphrase again: <Enter> Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: (-:) co:ec:aa:a1:de:34:5c:95:24:1d:25:4a:84:aq:65:ca root@server The key's randomart image is: +--[ RSA 2048]----+ | .******* | | ..B-.-. | | kjak | | . ..+<-, | | . #+#^´ | | . | | | | | | | +-----------------+
Then I upload the key
as root: $ ssh-copy-id user@myserver.org Password:
message: Now try logging into the machine, with "ssh 'user@ssh.yourserver.org'", and check in: ~/.ssh/authorized_keys to make sure we haven't added extra keys that you weren't expecting.
Now, when I login, the password is asked *again*.
Where does the id_rsa get used? It is in /root/.ssh/ together with id_rsa.pub when generated by ssh-keygen. I am root when performing the login on the remote server at the moment. Later, I will use a dedicated user.
Any suggestions welcome.
:-) Dreiel
This was passed on from David Rankin and worked well for me: Local Box (client): (1) create the keys you need with 'ssh-keygen -t dsa'. (just hit return for empty passwords) That will create id_dsa and id_dsa.pub in ~/.ssh by default. Give the id_dsa.pub key a usable name used when you copy it over to the remote box: (i.e. cp id_dsa.pub id_dsa.pub.$HOSTNAME) (2) rsync your key with the usable name to the remote box: rsync -uav ~/.ssh/id_dsa.pub.$HOSTNAME) remote.host.tld:~/.ssh Remote Box: (3) ssh into the remote box and append the new usable key to ~/.ssh/authorized_keys i.e.: cat ~/.ssh/id_dsa.pub.$HOSTNAME) >> ~/.ssh/authorized_keys ** you could just do this step from the Local Box with: ssh remote.host 'cat ~/.ssh/id_dsa.pub.$HOSTNAME) >> ~/.ssh/authorized_keys' Don't forget to use the '>>' instead of a '>' much cussing... HTH -- Ken Schneider SuSe since Version 5.2, June 1998 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org