Unable to Automate SSH authentication

Rahul Tidke rahul at excelize.com
Fri Jun 26 07:53:26 UTC 2009


Konstantin Svist wrote:
> Rahul Tidke wrote:
>   
>> Hello,
>>    I am configuring Fedora Core 6 and CentOS5.3 for automatic SSH
>> authentication, ssh version is OpenSSH_4.3p2, OpenSSL 0.9.8b, I have
>> executed the following commands but still both systems prompt me for
>> passwords instead of using public keys.
>>
>> ssh-keygen -b 1024 -t dsa (on both hosts with empty pass phrase)
>> ssh-agent $BASH (on both hosts)
>> ssh-add /root/.ssh/id_dsa (on both hosts)
>> created "authorized_keys" file in /root/.ssh directory on both the
>> hosts and copied (exchanged) id_dsa.pub keys to it.
>> SSH is open on both the hosts.
>>
>> Now it should login automatically without prompting for passwords; but
>> it still prompts for password, what is going wrong here? I have tried
>> disabling password authentication in /etc/ssh/sshd_config but no help.
>>
>>     
>
>
> I usually set everything up without ssh-agent. All you need is
> ~/.ssh/config file with
> Host host2 192.168.1.2
>   IdentityFile ~/.ssh/id_dsa.host2
>
> ^ of course assuming the other computer's host name is host2 and IP
> address 192.168.1.2
>
> Copy the .pub into host2:~/.ssh/authorized_keys
> You can also tell both systems to use the same public/private keypair if
> you're not too worried about security. Otherwise, you can delete the .pub file.
>
> At this point, this should work w/o a password:
> host1$ ssh host2
>
> For your particular problem, check permissions of ~/.ssh/ directory --
> it should be 700. All the files in it need at least 400, you can set it
> to that and still be able to use it without any issues. 600 also works,
> as should 640. Anything more permissive, though, will sometimes result
> in ssh server refusing to use it (any user might've seen/modified it, etc.)
>
> If you have selinux enabled, check /var/log/messages on the ssh server
> -- it will spit out a message when you try to connect using the private key.
> The command to fix it is something like "restorecon -R ~/.ssh" Don't
> trust me, though -- it should be mentioned in /var/log/messages if you
> need to run it. I just turn selinux off.
>
> HTH
>   
I have verified the permissions for the .ssh directory and they are OK, but I am
getting the following error in /var/log/messages; it first attempts to
use key authentication and after that password authentication. I think
it is unable to read the key. I copy/pasted these keys from the command
prompt; what is wrong here?

Jun 26 12:43:58 matrix sshd[1251]: error: key_read: uudecode 
AAAAB3NzaC1kc3MAAACBAKmSjy+E8I/3P2HUNHJ/p844rfCULFnUhOPp4PAKnqxJYc+vB3p6kEfR3WFB28csJuWxdKv9fH
OOSaSerS2rkanXTQ8JUwbwwktYoftXgtznYwNhqwoPvdpcfzD2Xv4fYhjQSRtWkMPE0lFYgjOrsH88AWa69T4aSGn58TkX6PAAAAFQC
BH2DnXuKhyZz4d3iSzxUBY98z8QAAAIAK2QhTbCZuKDRy94ol9CC1+CkzhUA7PB3v/zHugb3RAl\n 
failed

Thanks.
Rahul
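
The `key_read: uudecode ... failed` line in the log above is what sshd prints when the base64 blob on an authorized_keys line does not decode; each key must sit on a single line, and a terminal copy/paste that inserts line breaks violates that. The check below is an added example, not part of the original message: it validates every line's blob structurally. The sample input is a constructed filler blob (not a usable key) with a hypothetical `root@host1` comment.

```python
import base64
import binascii

KEY_TYPES = ("ssh-dss", "ssh-rsa")  # protocol 2 key types in OpenSSH 4.3

def check_line(line):
    """Return (ok, reason) for one authorized_keys line (quoted options with spaces not handled)."""
    fields = line.split()
    idx = next((i for i, f in enumerate(fields) if f in KEY_TYPES), None)
    if idx is None:
        return False, "no key type (continuation of a wrapped key?)"
    if idx + 1 >= len(fields):
        return False, "key type without a base64 blob"
    try:
        raw = base64.b64decode(fields[idx + 1], validate=True)
    except (binascii.Error, ValueError):
        return False, "base64 does not decode (wrapped or cut off)"
    # The blob is a run of 4-byte-length-prefixed fields; the first names the key type.
    off, parts = 0, []
    while off < len(raw):
        n = int.from_bytes(raw[off:off + 4], "big")
        if off + 4 + n > len(raw):
            return False, "blob truncated"
        parts.append(raw[off + 4:off + 4 + n])
        off += 4 + n
    if not parts or parts[0].decode("ascii", "replace") != fields[idx]:
        return False, "blob type does not match key type field"
    return True, "ok"

def check_file(text):
    """Return [(line_number, reason)] for every non-comment line that fails check_line."""
    bad = []
    for no, line in enumerate(text.splitlines(), 1):
        if line.strip() and not line.lstrip().startswith("#"):
            ok, reason = check_line(line)
            if not ok:
                bad.append((no, reason))
    return bad

def constructed_blob():
    """Structurally valid ssh-dss blob built from filler bytes; constructed, NOT a usable key."""
    fields = [b"ssh-dss", b"\x00" + b"\xa9" * 128, b"\x00" + b"\x81" * 20,
              b"\x0a" * 128, b"\x5c" * 128]
    return base64.b64encode(b"".join(len(f).to_bytes(4, "big") + f for f in fields)).decode()

BLOB = constructed_blob()
GOOD = "ssh-dss %s root@host1\n" % BLOB  # constructed sample: key on one line
# Constructed sample: the same key with a hard line break every 94 characters, as a paste can leave it.
WRAPPED = "ssh-dss " + "\n".join(BLOB[i:i + 94] for i in range(0, len(BLOB), 94)) + " root@host1\n"
```

`check_file(open("/root/.ssh/authorized_keys").read())` returns an empty list when every key line is intact; any reported line number points at a key to re-copy, for example with scp instead of the clipboard.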



