using ssh without password
Robert Bossecker
nagios-u-rb at bossecker.de
Wed Mar 9 01:40:38 CET 2005
Hi there,
1.
within the sshd_config file there may be a parameter
"AuthorizedKeysFile" it should be set to ".ssh/authorized_keys"
to allow authorized_keys in your home directory, otherwise you need to
use the configured file to add pub-keys to.
2.
You may also for more ease create a symlink "ln -s authorized_keys
authorized_keys2", so you need only to take care
about keys in one place if the systems in question use different styles.
We found that on some distros authorized_keys
is used regardless of the protocol.
3.
The permissions of the directories/files
$HOME
$HOME/.ssh
$HOME/.ssh/authorized_keys
need not allow anybody other than the owner to have write permission.
But the last resort when you get no idea is to stop sshd and run "sshd
-d", if this is a remote machine you should take
care to start the sshd after the session has been ended because in debug
mode sshd ends after the sessions is terminated.
When using ssh within cron jobs or other automated scripts it is also a
good idea to use the option "-o 'BatchMode yes'",
so ssh is not prompting for a password, the output is then only
"permission denied" but no hang at some prompt.
Another hint is not to allow login shells to unprotected keys (without
password), if your key is compromised this may
limit damage. You can do so by using "command=" directives in the
authorized_keys file. The disadvantage is that
you can only specify one command per key. The man page for sshd will
give you more information.
Regards
vivek sharma sharma wrote:
> Hi all,
> I am trying make ssh work without password so as to use push_ssh
> in nagios .for this
>
> I have done the following things:
> 1.)On nagios host :
> ssh-keygen -t rsa
>
> no passphrase entered
>
> 2.)created a .ssh dir. in the client host with 600 permissions
> In this host created file by vi editor
> vi authorizedkeys2
> and pasted the contents of id_rsa.pub file from nagios host
>
> 3.)then if i try to do ssh from nagios host to the client host still
> it asks for a password.
>
> Dont know whats wrong now..
> Plz suggest
>
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list