Pantek Library
Hosting Provided By
CybrHost
High Speed Hosting
Mailing Lists: securityfocus.com > secureshell > 03 > 071384.html (Request Expert securityfocus.com Support)

Re: Problems with passwordless ssh/scp (W2K client , Solaris 8 server).

From: Greg Wooledge <wooledg(at)eeg.ccf.org>
Date: Wed Jul 30 2003 - 08:29:26 EDT

On Tue, Jul 29, 2003 at 05:47:12PM -0500, David Liber wrote:
> I am trying to use a passwordless ssh/scp

> 1) W2K client. Installed cygwin with the latest ssh (OpenSSH_3.6.1p1, SSH

OK, OpenSSH on both ends, so you don't have to convert the public key to the other format.

> 2) Generated a public key by running 'ssh-keygen -t rsa'. Left passphrase

authorized_keys2 is the old OpenSSH 2.x name. I believe it still works, but it's deprecated; you should be using authorized_keys for both protocols (1 and 2) now.

> 4) The SSH server configuration is a pretty standard configuration (Solaris

Fine, but you didn't show the permissions and ownerships on the files and directories. OpenSSH is very sensitive to these matters. The authorized_keys file must NOT be group- or world-writable. The .ssh directory that it's sitting in must not be group- or world-writable either. The same for your $HOME directory. The same for all the directories leading *up* to your $HOME directory (e.g. /home or /u).

Do you need help?X

> $ ssh -v -l tuxedo tuxstage3

Client-side verbose output is not useful in debugging authentication issues, because the interesting bits all happen on the server side. If you want useful verbose output for this situation, you need to run the *server* (sshd) in debug mode. For example, (as root):

  # sshd -d -p 2222

And then use

  $ ssh tuxedo@tuxstage3 -p 2222

on the client. Received on Thu Jul 31 12:30:10 2003

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:03:01 EDT

Contact Us  Legal Notices  Order Services Online 
Pantek Home  Privacy Policy  IT news  Site Map  Pantek Library