Topic: public key ssh

[icpix]

I'm following several HOWTOs that came up in my
searches, they're mostly (all) SME6-related. Still
having difficulty with the key(s)... Another thread
seemed to think SME7 was different, so is there
something I should do differently?
http://arctic.org/~dean/rdiff-backup/unattended.html
http://forums.contribs.org/index.php?topic=23215.0
http://www.wellsi.com/sme/ssh/ssh.html
http://forums.contribs.org/index.php?topic=27855.msg115824#msg115824
----best wishes, Robert

[raem]

icpix

> Still having difficulty with the key(s)...

Those links all point to a variety of different subjects, including keys.
Rather than be too generic, perhaps it's better to state what you have done ie which howto did you follow, and the exact problem you are actually having.

[icpix]

Ray----

Overall I really want to kick off rdiff-backup.
So I need to get to grips with public/private keys.

The rsync HOWTO uses keys so I was experimenting.

Can't seem to get scp to load the (public) key into my
SME6 production box <10.0.0.1> from my SME7
intranet only box <10.0.0.91>. Things seems to work
on the SME7 box using its PuTTY console:
scp -v /root/.ssh/id_rsa.pub 10.0.0.91:/root/.ssh/authorized_keys2
and I see a key appear in the authorized_keys2 area.
But a similar command sent from
the PuTTY console of the SME6 box:
scp -v /root/.ssh/id_rsa.pub 10.0.0.1:/root/.ssh/authorized_keys2
says that it can't find the pub file.

----best wishes, Robert

[icpix]

Ray----

Doh! I'm SO used to switching myself to the relevant console
of each of the SME boxes I automatically did just that! What
I SHOULD've been doing was loading the SME6 box from the
SME7 PuTTY console... Normally I'd hit the liquid caffeine but
I guess it's too late right now (1.30am). I'll try the rest t-mrra.

----best wishes, Robert

[icpix]

local :: SME7 :: teri :: 10.0.0.91 :: serveronly :: intranet :: fileserver
remote :: SME6 :: server :: 10.0.0.1 :: servergateway :: production

Code: [Select]

[root@teri /]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
d6:92:23:9b:57:dd:8d:a0:1e:c0:00:f3:81:6e:8c:27 root@teri
[root@teri /]# scp /root/.ssh/id_rsa.pub 10.0.0.1:/root/.ssh/authorized_keys2
The authenticity of host '10.0.0.1 (10.0.0.1)' can't be established.
RSA key fingerprint is 7a:4c:e0:0f:f5:40:88:78:d3:b4:2c:14:11:9f:8f:ba.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.0.0.1' (RSA) to the list of known hosts.
root@10.0.0.1's password:
id_rsa.pub                                                                                    100%  219     0.2KB/s   00:00
[root@teri /]# ssh 10.0.0.1
root@10.0.0.1's password:
Last login: Sun Sep 24 12:20:44 2006 from 10.0.0.91
Welcome to SME Server 6.0.1-01
[root@server root]# cd /root/.ssh/authorized_keys2
[root@server authorized_keys2]# dir
id_rsa.pub
[root@server authorized_keys2]#


Both servers have:
secure shell access = local only
allow admin command line = yes
allow secure shell access with conventional passwords = yes
working conventional PuTTY links (ie passwords)

But I continue to be asked for the remote's password;~/
What have I missed out?

----best wishes, Robert

[kirkf]

authorized_keys2 is a file (not a directory) containing public keys of all servers connecting to this one via certificates.  You need to add this key to the end of the file, or create the file if it doesn't yet exist.

You need to do:

scp /root/.ssh/id_rsa.pub 10.0.0.1:/root/.ssh/

the ssh to the other server, cd /root/.ssh

cat id_rsa.pub >> authorized_keys2

Kirk

[gbentley]

Thanks God for these Forums and for all the Good Guys out there willing to help !!!

Hope the new site gets to be comprehensive as the Xoops one

Keep on Rockin SME !!!