| View previous topic :: View next topic |
| Author |
Message |
gnychis
Veteran
Joined: 23 Mar 2005
Posts: 1004
Location: Pittsburgh, PA
|
 Posted: Fri Feb 09, 2007 1:27 am Post subject: need help with no password ssh and ssh-agent [SOLVED] |
 |
|
Hey all,
I've looked at like 5 different guides for no password ssh and they all say the same thing... and I've done this over and over and can't get it.
First I create my id_dsa:
Then I scp it over to the server machine, and append it to ~/.ssh/authorized_keys
Now when I try to ssh, it asks me for the passphrase for ~/.ssh/id_dsa and logs me in without ever asking me for the ssh password also.
Now I want it to not ask me for the id_dsa password... guides are telling me to use ssh-agent, however:
| Code: |
bash-2.05b$ ssh-agent /usr1/gnychis/.ssh/id_dsa
/usr1/gnychis/.ssh/id_dsa: Permission denied
bash-2.05b$ ls -la /usr1/gnychis/.ssh/ | grep id_dsa
-rw------- 1 gnychis users 736 Feb 8 20:18 id_dsa
bash-2.05b$ whoami
gnychis
|
I can't figure this out, this is happening on *all* of my machines.
Any clues? I have root on the client machines, but not on the server machine.
Thanks!
George
_________________
<---- me and Richard Stallman 
Last edited by gnychis on Fri Feb 09, 2007 3:09 am; edited 1 time in total |
|
| Back to top |
|
 |
Dan
Veteran
Joined: 25 Oct 2005
Posts: 1302
|
| Posted: Fri Feb 09, 2007 1:46 am Post subject: |
|
|
use ssh-add
it will ask you for your password and once its added you are done, you can login to any machine you have dropped your key into without a password. next reboot add it again with "ssh-add"
_________________
- Failure is not an option. It's bundled with your software. |
|
| Back to top |
|
|
coolsnowmen
Veteran
Joined: 30 Jun 2004
Posts: 1479
Location: No.VA
|
| Posted: Fri Feb 09, 2007 1:51 am Post subject: |
|
|
did you try the keychain guides? it has worked very well for me.
_________________
emerge: there are no ebuilds to satisfy "moo" |
|
| Back to top |
|
|
beandog
Bodhisattva
Joined: 04 May 2003
Posts: 2072
Location: /usa/utah
|
|
| Back to top |
|
|
albright
Advocate
Joined: 16 Nov 2003
Posts: 2588
Location: Near Toronto
|
| Posted: Fri Feb 09, 2007 2:52 am Post subject: |
|
|
| Quote: | | Now when I try to ssh, it asks me for the passphrase for ~/.ssh/id_dsa and logs me in without ever asking me for the ssh password also. |
Sorry - this is a dumb question but, you didn't give your dsa key
a password did you? |
|
| Back to top |
|
|
gnychis
Veteran
Joined: 23 Mar 2005
Posts: 1004
Location: Pittsburgh, PA
|
| Posted: Fri Feb 09, 2007 3:09 am Post subject: |
|
|
| albright wrote: | | Quote: | | Now when I try to ssh, it asks me for the passphrase for ~/.ssh/id_dsa and logs me in without ever asking me for the ssh password also. |
Sorry - this is a dumb question but, you didn't give your dsa key
a password did you? |
/me lowers his head, covers his face, and walks away slowly...
thanks
_________________
<---- me and Richard Stallman |
|
| Back to top |
|
|
astor84
Tux's lil' helper
Joined: 06 Feb 2007
Posts: 96
Location: Dallas, Tx
|
| Posted: Fri Feb 09, 2007 4:34 am Post subject: |
|
|
| gnychis wrote: | | albright wrote: | | Quote: | | Now when I try to ssh, it asks me for the passphrase for ~/.ssh/id_dsa and logs me in without ever asking me for the ssh password also. |
Sorry - this is a dumb question but, you didn't give your dsa key
a password did you? |
/me lowers his head, covers his face, and walks away slowly...
thanks |
Don't just make private keys without passphrases: this is a BAD idea. Read the keychain guide (a someone a couple posts up linked to it). It takes a little longer to get it going, but once it works, it will be worth it. You will have to type your password once per boot, and then keychain will load your private key into ssh-agent and remember which ssh-agent process has it loaded so that you can have it available for all shells.\
Not using passphrases (and keychain) is just plain dumb. If someone were to get a copy of your private key they would have access to all of those boxes. |
|
| Back to top |
|
|
gnychis
Veteran
Joined: 23 Mar 2005
Posts: 1004
Location: Pittsburgh, PA
|
| Posted: Fri Feb 09, 2007 5:13 am Post subject: |
|
|
its a single client to a single server and its temporary for ~2 days while some scp's go to work... so i'm not too worried about
will keep that in mind though
_________________
<---- me and Richard Stallman |
|
| Back to top |
|
|
|
Networking & Security
