[CLUE-Tech] Passwordless scp?
David Anselmi
anselmi at americanisp.net
Wed Apr 16 09:15:15 MDT 2003
Dan Harris wrote:
[...]
> created a username for this customer on my server
> ran 'ssh-keygen -t rsa' as this user. This created an id_rsa and
> id_rsa.pub in their ~/.ssh directory
> had them create the same username on their server with the same password
> copied both of these files to their server in the ~/.ssh directory
> (tried copying id_rsa.pub to authorized_keys on this client for testing
> purposes)
You need ~/.ssh/id_rsa on the client's machine. You need id_rsa.pub in
the authorized_keys file on your machine. Other than the location of
the private and public keys, everything is flexible.
Since id_rsa represents this user, you should be careful who has access
to it (e.g., it isn't needed on your server so it shouldn't be there).
> From what I've read, that seems to be all I have to do to make this
> work. But unfortunately, both ssh and scp are still prompting for a
> password.
> Can someone steer me in the right direction?
Is ssh asking for a password (to the user account on your machine) or a
passphrase (to the id_rsa file)?
If you created the private key (id_rsa) with a passphrase and that is
what's being asked for you need to provide it. You can either redo the
key without the passphrase or provide it through the ssh-agent. Use
ssh-keygen -p to change the passphrase. (The passphrase encrypts the
private key file so it is not trivial to use if it falls into the wrong
hands.)
The only other thing that seems likely is that sshd_config should
contain "PubkeyAuthentication yes". There are also various other things
you can do to limit the access your client has to your machine.
Dave
More information about the clue-tech
mailing list