If pw less access is something you prefer use a kerberos based service like FreeIPA/RedhatIPA. No need for ssh keys, and pw aren't stored locally. You can log in as a regular user and sudo su - to root, which can be done during ssh login: ssh -t user@host sudo su -
David
On Jan 27, 2011, at 1:35 AM, Cameron Kerr <cameron@xxxxxxxxxxxxxx> wrote:
>
> On 27/01/2011, at 7:45 PM, Always Learning wrote:
>
>> Hallo,
>>
>> I wanted to avoid typing-in my password every occasion I remotely
>> logged-on to a server.
>>
>> I created my SSH keys and copied the public part to the server and
>> renamed it authorized_keys.
>
>
>> ---------------------------------------------
>>
>> server /root/.ssh
>>
>> id_rsa.authorized_keys -rw--------
>>
>> --------------------------------------------
>
> Your ~/.ssh/authorized_keys needs to be readable by sshd, your permissions on it are too restrictive (typically, this should be 0644)
>
> Also, it should be named authorized_keys, not id_rsa.authorized_keys
>
> PS. Coming from a background in other distributions, I find it disturbing that Centos ships with allow_root_login defaulting to yes. If you really need this, ensure that you also restrict access from where people can log in, consider employing dynamic banning, and harden your sshd_config (which, oddly enough, you didn't post).
>
> PPS. When diagnosing such faults, it can be useful to run the sshd (ie. the server process) in debugging mode, although this would generally require the server to be temporarily disabled so it can be started in debugging mode.
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
