problems setting up SSH without passwords

From: Rob De Langhe <rob.delanghe(at)telindus.be>
Date: Mon Mar 31 2003 - 03:21:59 EST

Hi all,

I am trying to configure an SSH login-sequence without having to type the password, but it doesn't work :

configuration: Solaris-9, openSSH 3.5p1

On serverA (source host), I did invoke the commands

ssh-keygen -t rsa

(with empty passphrase)

and stored the generated $HOME/.ssh/id_rsa.pub file on the target host 'serverB' in $HOME/.ssh/authorized_keys

Then from serverA, I try "ssh serverB" but it still asks me for a password.

The output from "ssh -v -v -v serverB" is below.

I have managed to apply this simply procedure in another environment some years ago, without problems. So something I'm doing is wrong (or some missing option in the sshd_config file?)

Any help is mostly appreciated.

Rob

output from "ssh -v -v -v serverB" invoked from serverA:

...

debug1: Host 'serverB' is known and matches the RSA host key.
debug1: Found key in /var/adm/sa/.ssh/known_hosts:1
debug1: bits set: 1585/3191
debug1: ssh_rsa_verify: signature correct
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue:
publickey,password,keyboard-interactive,hostbased

debug3: start over, passed a different list publickey,password,keyboard-interactive,hostbased

debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: next auth method to try is publickey
debug1: try privkey: /var/adm/sa/.ssh/identity
debug3: no such identity: /var/adm/sa/.ssh/identity
debug1: try pubkey: /var/adm/sa/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: authentications that can continue:

publickey,password,keyboard-interactive,hostbased

debug1: try privkey: /var/adm/sa/.ssh/id_dsa
debug3: no such identity: /var/adm/sa/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: next auth method to try is keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug1: authentications that can continue:

publickey,password,keyboard-interactive,hostbased

debug3: userauth_kbdint: disable: no info_req_seen
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: 
debug3: authmethod_is_enabled password
debug1: next auth method to try is password
Do you need more help?
In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software:
Learn more about Pantek's Technical Support offerings
Place an order for 24/7/365 Technical Support here
Learn more about Pantek, who we are, and what we do
Chat with a Live Operator
Related securityfocus.com Links
bugtraq
certification
focus-bsd
focus-ids
focus-ih
focus-linux
focus-ms
focus-sun
focus-unix-other
focus-virus
forensics
incidents
libnet
linux-secnews
ms-secnews
pen-test
secpapers
secprog
sectools
secureshell
security-basics
securityjobs
sf-news
vuln-dev
webappsec
Request more information about Pantek

...
(and password is prompted)
Received on Mon Mar 31 12:24:01 2003