[Netkit.users] SSH with public key authentication

Olivier Mémin olivier.memin at mancalanetworks.com
Wed Feb 3 14:12:56 CET 2010 

Thanks a lot Massimo, this was the key point ! 
And I add that not only the ownership of the /root directory is important but also the mode (rwxr-xr-x and not more!) 

Regards, 
Olivier 

----- Original Message ----- 
From: "Massimo Rimondini" <rimondin at dia.uniroma3.it> 
To: "Users of the Netkit Network Emulation System" <netkit.users at list.dia.uniroma3.it> 
Sent: Wednesday, 3 February, 2010 12:18:02 PM 
Subject: Re: [Netkit.users] SSH with public key authentication 

Dear all, 

I contribute with a further bit. 
The following procedure works from scratch: 


    1. ssh-keygen on the client 
    2. mkdir .ssh on the server 
    3. chown root:root /root on the server 
    4. cut & paste the contents of /root/.ssh/id_rsa.pub on the client to /root/.ssh/authorized_keys on the server 
    5. start the ssh server on the server 

Given the exchanges that took place in this thread, I suppose the problem could most likely be solved by step 3, whose necessity is revealed by ssh logs on the server machine when logging level is set to DEBUG. 

Regards, 
Massimo. 

Julien Iguchi-Cartigny wrote: 

On 02/03/2010 11:26 AM, Olivier Mémin wrote: 

Hi all.

I run two machines on the same collision domain, let's say a server and
a client.
The server runs sshd, I can access it from the client with the following
command
   ssh root at server_address
Then I am requested the password and access is granted if the password
is correct.

I would like now to configure public key authentication. I have
generated RSA keys on the client (ssh-keygen -t rsa) and I have
transferred the public key on the server (ssh-copy-id -i
/root/id_rsa.pub root at server_address).
On the server, the /etc/ssh/sshd_config file is fulfilled with
"PubkeyAuthentication yes" and "RSAAuthentication yes". First, the public key must be put in the file ~/.ssh/authorized_keys and
rights of this file must be rwx------. It seems all of this is done by
ssh-copy-id, but please check first.

Furthemore, in /etc/ssh/sshd_config please add (or modify) the following
line:

PermitRootLogin yes

Then, if nothing work, please check the logs...

Julien. 

However, when I try to connect from client to server, I am still
requested the password for root at server_address...

As this process works on physical hosts running Debian or Ubuntu, I
guess it is a Netkit configuration problem. Any idea ?

Thanks in advance.

--
OM



_______________________________________________
Netkit.users mailing list Netkit.users at list.dia.uniroma3.it http://list.dia.uniroma3.it/mailman/listinfo/netkit.users _______________________________________________
Netkit.users mailing list Netkit.users at list.dia.uniroma3.it http://list.dia.uniroma3.it/mailman/listinfo/netkit.users 
_______________________________________________ 
Netkit.users mailing list 
Netkit.users at list.dia.uniroma3.it 
http://list.dia.uniroma3.it/mailman/listinfo/netkit.users 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://list.dia.uniroma3.it/pipermail/netkit.users/attachments/20100203/d0f8fe33/attachment-0001.htm

More information about the Netkit.users mailing list