On 64-bit CentOS 4.5 SSH not working -- please help

Support for security such as Firewalls and securing linux
Post Reply
centos_system
Posts: 22
Joined: 2007/06/06 14:57:22

On 64-bit CentOS 4.5 SSH not working -- please help

Post by centos_system » 2007/06/20 23:34:22

I have 2 nodes, created RSA/DSA keys on both, merged those on node1 (in authorized_keys) and copied it to node2. On node1, executed ssh-agent $SHELL & ssh-add but when trying ssh node1 date or ssh node2 date, it's asking for the password! The same oracle user created the keys & tried to execute ssh. What mistake I may be doing?
Do I have to do anything in any file under /etc/ssh?
Please advise/help.
Thanks.

michaelnel
Posts: 1478
Joined: 2006/05/29 16:50:11
Location: San Francisco, CA

On 64-bit CentOS 4.5 SSH not working -- please help

Post by michaelnel » 2007/06/20 23:56:06

Check permissions on ~.ssh/authorized_keys

If the permissions are too, uhhhh, permissive, the login will fail and it will ask for password. I generally set authorized_keys to 600 perms.

centos_system
Posts: 22
Joined: 2007/06/06 14:57:22

Re: On 64-bit CentOS 4.5 SSH not working -- please help

Post by centos_system » 2007/06/21 01:42:15

Yes, it's 600.
Out of curiosity (aI am not an expert on this) I did a "ssh -v linux2 date" (from linux1) that gave (in brief):
................................................................................
................................................................................
Host 'linux2' is known and matches the RSA host key
Found key in /oracle/.ssh/known_hosts:1
ssh_rsa_verify: signature correct
...............................................................................
...............................................................................
Authentications that can continue: publickey, gssapi-with-mic, password
Next authentication method: gssapi

Next authentication method: publickey
Offering public key: /oracle/.ssh/id_dsa
...............................................................................
...............................................................................
Authentications that can continue: publickey, gssapi-with-mic, password
Trying private key: /oracle/.ssh/identity
Next authentication method: password
oracle@linux2's password:

It's giving the prompt for password. Why it's trying to authenticate with password? Is there anything to do with any file under /etc/ssh? How to resolve it?
Thanks.

centos_system
Posts: 22
Joined: 2007/06/06 14:57:22

Re: On 64-bit CentOS 4.5 SSH not working -- please help

Post by centos_system » 2007/06/22 12:11:53

It was permission issue on oracle's home directory (found from /var/log/secure). Changed that & SSH works fine.
Thanks.

michaelnel
Posts: 1478
Joined: 2006/05/29 16:50:11
Location: San Francisco, CA

Re: On 64-bit CentOS 4.5 SSH not working -- please help

Post by michaelnel » 2007/06/22 16:53:14

Cool! Thanks for reporting back.

Post Reply

Return to “CentOS 4 - Security Support”