[Netkit.users] SSH with public key authentication

Massimo Rimondini rimondin at dia.uniroma3.it
Wed Feb 3 12:18:02 CET 2010 

Dear all,

I contribute with a further bit.
The following procedure works from scratch:

   1. ssh-keygen on the client
   2. mkdir .ssh on the server
   3. chown root:root /root on the server
   4. cut & paste the contents of /root/.ssh/id_rsa.pub on the client to
      /root/.ssh/authorized_keys on the server
   5. start the ssh server on the server

Given the exchanges that took place in this thread, I suppose the
problem could most likely be solved by step 3, whose necessity is
revealed by ssh logs on the server machine when logging level is set to
DEBUG.

Regards,
Massimo.

Julien Iguchi-Cartigny wrote:
> On 02/03/2010 11:26 AM, Olivier Mémin wrote:
>   
>> Hi all.
>>
>> I run two machines on the same collision domain, let's say a server and
>> a client.
>> The server runs sshd, I can access it from the client with the following
>> command
>>    ssh root a server_address
>> Then I am requested the password and access is granted if the password
>> is correct.
>>
>> I would like now to configure public key authentication. I have
>> generated RSA keys on the client (ssh-keygen -t rsa) and I have
>> transferred the public key on the server (ssh-copy-id -i
>> /root/id_rsa.pub root a server_address).
>> On the server, the /etc/ssh/sshd_config file is fulfilled with
>> "PubkeyAuthentication yes" and "RSAAuthentication yes".
>>     
>
> First, the public key must be put in the file ~/.ssh/authorized_keys and
> rights of this file must be rwx------. It seems all of this is done by
> ssh-copy-id, but please check first.
>
> Furthemore, in /etc/ssh/sshd_config please add (or modify) the following
> line:
>
> PermitRootLogin yes
>
> Then, if nothing work, please check the logs...
>
> Julien.
>
>   
>> However, when I try to connect from client to server, I am still
>> requested the password for root a server_address...
>>
>> As this process works on physical hosts running Debian or Ubuntu, I
>> guess it is a Netkit configuration problem. Any idea ?
>>
>> Thanks in advance.
>>
>> --
>> OM
>>
>>
>>
>> _______________________________________________
>> Netkit.users mailing list
>> Netkit.users a list.dia.uniroma3.it
>> http://list.dia.uniroma3.it/mailman/listinfo/netkit.users
>>     
>
>
>   
> _______________________________________________
> Netkit.users mailing list
> Netkit.users a list.dia.uniroma3.it
> http://list.dia.uniroma3.it/mailman/listinfo/netkit.users
>   
-------------- parte successiva --------------
Un allegato HTML � stato rimosso...
URL: http://list.dia.uniroma3.it/pipermail/netkit.users/attachments/20100203/791d2b47/attachment.htm

More information about the Netkit.users mailing list