Re: SSH doesn't work with RSA keys

Wed, 03 Jan 2007 14:02:48 -0800 

On Wed, Jan 03, 2007 at 05:50:40PM -0300, Alejandro wrote:
> People, I have generated the key pair RSA from my root linux's user and
> then I copy my RSA public key to /root/.ssh/authorized_keys from the
> linux ssh server. After that I edit the sshd_config file and put permit
> rootlogin no and the correct path to the authorized_keys file. But when
> I execute from the client "ssh [EMAIL PROTECTED]" it doesn't enter and the
> password banner is showed. Here I put my debugs from ssh client and
> server and my sshd_config file from the server....I REALLY THANKS YOUR
> COMMENTS !!!
> 

Example:

Try setting up a normal user first - check whether that works.
Example commands are indented in what follows. Comments are mostly
in []

As user pele change to your home directory on the first machine 
(here called cerca) then

        ssh-keygen -t rsa -b 2048

[Follow the prompts: don't use a passphrase. This should generate 
a pair of keys id_rsa and id_rsa.pub

        cd /home/pele/.ssh

        touch authorized_keys

        chmod 0600 authorized_keys

Follow the same procedure on the other machine (here called lejos).

On machine cerca:

        cd /home/pele/.ssh

        scp lejos:/home/pele/.ssh/id_dsa.pub ./id_dsa.pubLEJOS

[This copies the file you need from the other machine and names it so 
you can tell where it comes from. At this point, you may need to use 
passwords]

        scp ./id_dsa.pub lejos:/home/pele/.ssh/id_dsa.pubCERCA

[Copying the public RSA key from the machine you are on to the distant 
machine]

        cat id_dsa.pubLEJOS >> authorized_keys

[Copy the public RSA key from the distant machine and 
append it to the authorized_keys file on your local machine]

[Now copy the key into the appropriate place on the distant machine and 
append it to the authorized_keys file there. ]

        ssh lejos

        cd /home/pele/.ssh

        cat id_dsa.pubCERCA >> authorized_keys

[Check that an ssh connection works in both directions:
[On cerca]

        ssh lejos

[On lejos]

        ssh cerca

should both work immediately.

Now do the same with keys for root, if you want to. If you only want one 
user to have effective root privilege - append the id_dsa.pub for root 
on the machine to the end of his /.ssh/authorized_keys file

Hope this helps,

Andy


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to