Mike Leone on 21 Jul 2010 06:33:49 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[PLUG] Problems with password-less SSH


I had this working, between 2 hosts. Then I had to replace one of them, and I can't seem to get it to work anymore ...

What I need to do:
I need to execute a command on a remote server in my DMZ, and I have been doing this via cron. So user "vadmin@admnftp002" needs to execute a command as "FileCollector@192.168.1.30".

What I did:
As user "vadmin@admnftp002", I created new SSH keys, with no password. (I decided to make new keys, rather than keep the old ssh keys I used to use. This may have been a mistake ...I still have a copy of the old keys that worked on the old remote box, tho).

I did this by "ssh-keygen -t rsa". Then I copied the public file to "FileCollector@192.168.1.30" with

ssh-copy-id -i id_rsa.pub FileCollector@192.168.1.30

But when I try and test it, I get prompted for a password:

vadmin@admnftp002:~/.ssh$ ssh FileCollector@192.168.1.30 uptime
FileCollector@192.168.1.30's password:

Now, the remote machine is brand-new install of RHEL 5.4. I checked it's SSH config, and changed:

RSAAuthentication yes
PubkeyAuthentication yes
UsePAM no

and restarted SSH on the remote server, but am still prompted for a password. I am following these directions:

<http://www.debian-administration.org/articles/152>

This used to work, when the remote server was a Debian box. These were the same directions I used back then. But now it's a no-go. Any ideas where to find out why? I'm guessing I forgot something in a config, or missed a step, but can't figure out where. If I look in "~/.ssh/authorized_keys" on 192.168.1.30, I do see my "vadmin@admnftp002" key listed.

Thanks

--
Michael J. Leone, <mailto:turgon@mike-leone.com>

PGP Fingerprint: 0AA8 DC47 CB63 AE3F C739 6BF9 9AB4 1EF6 5AA5 BCDF
Photo Gallery: <http://www.flickr.com/photos/mikeleonephotos>

	It seems to me
	I could live my life
	A lot better than I think I am
				"Working Man", Rush
				
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug