<html><head><style type='text/css'>p { margin: 0; }</style></head><body><div style='font-family: Times New Roman; font-size: 12pt; color: #000000'><span>Thanks a lot Massimo, this was the key point !<br>And I add that not only the ownership of the /root directory is important but also the mode (rwxr-xr-x and not more!)<br><br>Regards,<br>Olivier<br></span><br>----- Original Message -----<br>From: "Massimo Rimondini" <rimondin@dia.uniroma3.it><br>To: "Users of the Netkit Network Emulation System" <netkit.users@list.dia.uniroma3.it><br>Sent: Wednesday, 3 February, 2010 12:18:02 PM<br>Subject: Re: [Netkit.users] SSH with public key authentication<br><br>
<title></title>
Dear all,<br>
<br>
I contribute with a further bit.<br>
The following procedure works from scratch:<tt><br>
</tt>
<ol>
<li><tt>ssh-keygen</tt> on the client</li>
<li><tt>mkdir .ssh</tt> on the server</li>
<li><tt>chown root:root /root</tt> on the server</li>
<li>cut & paste the contents of <tt>/root/.ssh/id_rsa.pub</tt>
on the client to <tt>/root/.ssh/authorized_keys</tt> on the server</li>
<li>start the ssh server on the server</li>
</ol>
Given the exchanges that took place in this thread, I suppose the
problem could most likely be solved by step 3, whose necessity is
revealed by ssh logs on the server machine when logging level is set to
DEBUG.<br>
<br>
Regards,<br>
Massimo.<br>
<br>
Julien Iguchi-Cartigny wrote:
<blockquote cite="mid:4B6959A0.1020505@unilim.fr">
<pre>On 02/03/2010 11:26 AM, Olivier Mémin wrote:
</pre>
<blockquote>
<pre>Hi all.
I run two machines on the same collision domain, let's say a server and
a client.
The server runs sshd, I can access it from the client with the following
command
ssh root@server_address
Then I am requested the password and access is granted if the password
is correct.
I would like now to configure public key authentication. I have
generated RSA keys on the client (ssh-keygen -t rsa) and I have
transferred the public key on the server (ssh-copy-id -i
/root/id_rsa.pub root@server_address).
On the server, the /etc/ssh/sshd_config file is fulfilled with
"PubkeyAuthentication yes" and "RSAAuthentication yes".
</pre>
</blockquote>
<pre><!---->
First, the public key must be put in the file ~/.ssh/authorized_keys and
rights of this file must be rwx------. It seems all of this is done by
ssh-copy-id, but please check first.
Furthemore, in /etc/ssh/sshd_config please add (or modify) the following
line:
PermitRootLogin yes
Then, if nothing work, please check the logs...
Julien.
</pre>
<blockquote>
<pre>However, when I try to connect from client to server, I am still
requested the password for root@server_address...
As this process works on physical hosts running Debian or Ubuntu, I
guess it is a Netkit configuration problem. Any idea ?
Thanks in advance.
--
OM
_______________________________________________
Netkit.users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Netkit.users@list.dia.uniroma3.it" target="_blank">Netkit.users@list.dia.uniroma3.it</a>
<a class="moz-txt-link-freetext" href="http://list.dia.uniroma3.it/mailman/listinfo/netkit.users" target="_blank">http://list.dia.uniroma3.it/mailman/listinfo/netkit.users</a>
</pre>
</blockquote>
<pre><!---->
</pre>
<pre>_______________________________________________
Netkit.users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Netkit.users@list.dia.uniroma3.it" target="_blank">Netkit.users@list.dia.uniroma3.it</a>
<a class="moz-txt-link-freetext" href="http://list.dia.uniroma3.it/mailman/listinfo/netkit.users" target="_blank">http://list.dia.uniroma3.it/mailman/listinfo/netkit.users</a>
</pre>
</blockquote>
<br>_______________________________________________<br>Netkit.users mailing list<br>Netkit.users@list.dia.uniroma3.it<br>http://list.dia.uniroma3.it/mailman/listinfo/netkit.users<br></div></body></html>