El Martes 23 Mayo 2006 12:34, Vikas Rawat escribió: > Thanks guys for the overwhelming response. Finally I got it working. For > the interested people, the issue was with the ownership of the home > directory for the root account. See below > > - EARLIER was > drwx------ 9 vikas.rawat coe 4096 May 23 14:59 coe > > - MODIFIED to > drwx------ 9 root coe 4096 May 23 15:00 coe > > This works. > > Regards, > Vikas That's very common slip-up Finally you got it, congratulations :-) Manuel. > > Here is a clearly defined process from one of my colleagues (Prashant > Lal) for doing the same. > ------------------------------------------------------------------------ > ---------------------- > > Host machine: rhythm > Remote machine: blrqmail > > 1. Generate key on host machine. This is for the user id 'lalp', change > to the uid you want to create a key for > > [lalp@rhythm .ssh]$ ssh-keygen -d > Generating public/private dsa key pair. > Enter file in which to save the key (/home/lalp/.ssh/id_dsa): "press > ENTER here" > Enter passphrase (empty for no passphrase): > "press ENTER here" > Enter same passphrase again: > "press ENTER here" > Your identification has been saved in /home/lalp/.ssh/id_dsa. > Your public key has been saved in /home/lalp/.ssh/id_dsa.pub. > The key fingerprint is: > 2d:c3:13:b8:38:65:dc:f7:cd:a3:d5:80:4e:32:54:93 lalp@rhythm > > Now your keys are generated. We have not given any passphrase instead we > have pressed the enter because to perform the automated scripted > operations on the remote machine. > > > 2. Copy the id_dsa.pub file as authorized_keys from the host machine to > remote machine (into the home folder of the uid i.e. > <blrqmail>/home/lalp in this case) > > [lalp@rhythm .ssh]$ scp /home/lalp/.ssh/id_dsa.pub > lalp@blrqmail:/home/lalp/.ssh/authorized_keys > > CAUTION: This would overwrite your existing file. If you want to add to > your file, copy to some other location and append to this. Try this on > the host machine [lalp@rhythm .ssh]$ scp /home/lalp/.ssh/id_dsa.pub > lalp@blrqmail:/home/lalp/.ssh/lalp.rhythm.id_dsa.pub > On the remote machine > [lalp@blrqmail .ssh]$ cat lalp.rhythm.id_dsa.pub >> authorized_keys > > Note: If you are logging into the remote machine for the first time > using SSH, you will be asked to save the remote machine's certificate. > Please accept and save it. > > 3. Now check the permision on the remote machine for .ssh and > authorized_keys > > [lalp@blrqmail lalp]$ chmod -R 600 /home/lalp/.ssh [lalp@blrqmail .ssh]$ > ls -lrt total 8 > -rw-r--r-- 1 lalp lalp 601 May 23 14:29 authorized_keys > > [lalp@blrqmail .ssh]$ ls -la ../ |grep .ssh > drwx------ 2 lalp lalp 4096 May 23 14:30 .ssh > [lalp@blrqmail .ssh]$ > > 4. Log in from the host machine to remote machine > > [lalp@rhythm .ssh]$ ssh blrqmail > [lalp@blrqmail lalp]$ > > You should be logged in straightaway with out any password. > > > -----Original Message----- > From: Stephen Berg [mailto:sberg@xxxxxxxxxxxxxxx] > Sent: Tuesday, May 23, 2006 3:56 PM > To: General Red Hat Linux discussion list > Subject: Re: SSH in BatchMode > > Vikas Rawat wrote: > >>3. We have also changed the file/directory permission for ~/.ssh & > >>~/.ssh/authorized_key to be read-write for user only by executing > >> > >>>chmod -R 600 .ssh > > Did you modify /etc/sshd_config to use the ~/.ssh/authorized_keys file? > Also notice that it should be "keys" not "key". And by default > sshd_config won't read that file to check for public keys. > -- > Stephen Berg > //- Linux/UNIX SysAdmin -/- Fixer of that which is broke -// > //- Home = sberg@xxxxxxxxxxxxxxx -// > //- Work = stephen.berg@xxxxxxxx -// > //- http://iceberg.3c0x1.com/ -/- http://www.3c0x1.com -// > Sinners can repent, but stupid is forever. > > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list -- Manuel Arostegui Ramirez #Linux Registered User 295750 Socio de Hispalinux 1813 Red Hat Linux 9, Kernel 2.6.2 ReiserFS Firma cifrada -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE+3O1MqfmPcHTj+twRAm yDAJ9P6ezepIMg06vOet/YPKxVoB+Z/ACfWVhh ---END PGP SIGNATURE----- -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
