20 comment

  1. Can i know why need to append own public key to own authorized_keys?
    i thought own public key is used for others?
    web1 id_rsa.pub append to web2 authorized_keys (correct)
    web2 id_rsa.pub append to web1 authorized_keys (correct)
    web2 id_rsa.pub append to web2 authorized_keys (doubt)

  2. if you have trouble login to your server, check if /etc/ssh/sshd_config contains Protocol 2
    PubkeyAuthentication yes

  3. Hi folks,

    Currently,for instance, many servers can do passwordless ssh to SERVER A
    Now,we are migrating all the stuff from Server A to Server B.
    all those servers which were connecting to Server A,now need to connect to Server B.
    Can i copy over the authorized_keys file from A to B ,so all those servers can connect to server B passwordlessly.
    The idea is to avoid all those servers keys addition to server B /etc/ssh/auth_keys/ file.

    Does it matter if platform(solaris to linux,vice versa)is different?

    2nd case:
    Server A connects to other servers using ssh which is passwordless. ServerA will be replaced by server B.
    do i need to send Servers’ B pub key to all those other servers have them add serverB pub key in their authorized key file?
    Or to avoid this, can i just copy over the pub key pair from server A to Server B,so other servers wont have to make any change on their side.

    1. PuTTY comes with a utility called pageant (C:Program FilesPuTTYpageant.exe probably) that you load at startup– in your startup group. The icon there should read”C:Program FilesPuTTYpageant.exe” “C:Program FilesPuTTYid_rsa_putty.ppk” or something like that. Then your key is always available.

  4. Hi,

    I have a question.
    I have two different servers, but they have the same home directory (it’s a network path that is mapped to the home dirrectory on each server).
    I want to be able to ssh without a password from one server to the other, I’ve tried these steps, but wasn’t successfull because I think both servers share the same files.

    Is there a way around this?

    Can I create a key and save it in some other area and use that during ssh command?


  5. Hello,

    I have a problem with ssh password less login with nis users, when user login from client to server.

    i normally follow the steps below to fix ssh password less login and it works for few users but not for few, please help with steps to fix this issue.

    host:user1# ssh-keygen -t rsa
    host:user1# ssh-copy-id -i ~/.ssh/id_rsa.pub user1@server.com


  6. You’re doing something terribly wrong in Step 2b. You don’t need to and must not copy the remote authorized_keys to any other .ssh/ (the workstation’s in this example); you’re effectively clobbering the workstation’s authorized_keys and granting access to your to every user with access to the server.

    A simpler, safer procedure, is appending every id_rsa.pub to the host’s .ssh/authorized_keys remotely:

    workstation1 $ cat ~/.ssh/id_rsa.pub | ssh user@server “cat >> .ssh/authorized_keys”
    workstation2 $ cat ~/.ssh/id_rsa.pub | ssh user@server “cat >> .ssh/authorized_keys”
    workstation3 $ cat ~/.ssh/id_rsa.pub | ssh user@server “cat >> .ssh/authorized_keys”

  7. While nixCraft’s method may work, it is complicated and insecure. Please, follow arielCo’s advice.

    Alternatively, I usually have at least two terminals open, say one on for the local workstation and one where I connected to the server. I simply copy and paste the content of id_rsa.pub to the authorized_keys file on the server.

    Two problems with nixCraft’s method:

    – there is the danger you unintentionally overwrite files, e.g. if the authorized_keys already had useful keys to begin with;
    – the side effect that you leave an authorized_keys file on workstation2 (arielCo’s point about clobbering).

  8. So when any new user runs ‘ssh-keygen -t rsa’ and then proceeds to create the respective priv/pub keys, must the user use a passphrase? Or should the new user ommit that (e.g: leave empty).

Leave a Comment