Passwordless ssh one way not the other!
John Pierce
john.j35 at gmail.com
Tue Jun 12 20:56:21 UTC 2007
Hello list!
I have a small local network with 4 desktop machines, some acting as
servers for backup and mythtv.
I have to laptop computers attached to this network as well, they are
HP Pavilion DV9208NR machines.
For a long time I have used passwordless ssh logins to run rsyncs and
such, I also manage the computers in the network with connections
through ssh.
The problem, I have generated the id_dsa keys with the following command:
ssh-keygen -t dsa -f .ssh/id_dsa
I then copy the resulting .ssh/id_dsa.pub file to the remote machines
with the following command:
scp id_dsa.pub user at remote:~/.ssh/id_dsa.pub
Substituting the correct username/remote pair.
I then log into the remote machine with the following command:
ssh user at remote
Again, substituting the correct username/remote pair.
I then add the pub key to the authorized_keys2 file with this command:
cat id_dsa.pub >> authorized_keys2
I chmod the file 0640 on the authorized_keys2 file.
Now, when I log out of that host and log back into that host I am not
challenged for a password as it should be, except the first laptop.
Again, the two laptops are identical as far as hardware is concerned,
and the install ssh packages are the same.
The two mahcines are named linbook1 and linbook2 and I can ssh from
linbook1 > linbook2 without a password challenge. I cannot ssh from
linbook2 > linbook1 without getting a challenge.
Both machines have the following ssh software installed.
openssh-askpass-4.5p1-6.fc7
openssh-clients-4.5p1-6.fc7
openssh-4.5p1-6.fc7
openssh-server-4.5p1-6.fc7
Both are running Fedora 7.
I have made sure there is no difference between the
/etc/ssh/sshd_config files. I have made sure to restart the sshd
daemon.
I have deleted the authorized_keys2 file and recreated the key, 4
times now, and setup the passwordless login but it still challenges me
for a password when going from linbook2 > linbook1.
I have know clue why.
Any Ideas or suggestions would be appreciated.
--
John
Registered Linux User 263680, get counted at
http://counter.li.org
More information about the fedora-list
mailing list