Run SSH without password

[Shibupthomas]

HI all.

I want to do ssh login into two different mechines on by one.I tried the following squence.but it is not working correctly.
For Ex I have 3 mechines Host1,Host2,Host3.
I need to login into Host2,Host3 using SSH from Host1.
I tried the following:
step 1:
-logged into Host 1
-execute ssh localhost
-execute ssh-keygen -t dsa
-execute scp ~/.ssh/id_dsa.pub Host2:.ssh/authorized_keys2
-exectue ssh -l root Host2
not get the prompt for password.
Then I tried to connect to Host3
step 2:
-logged into Host 1
-execute ssh localhost
-execute ssh-keygen -t dsa
-execute scp ~/.ssh/id_dsa.pub Host3:.ssh/authorized_keys2
-execute ssh -l root Host3
not get the prompt for password.
But after this I tried to connect Host2 from Host1 using
-ssh -l root Host2
I got the prompt for enetring pasword.
Is anyone know how to rectify this.

[atreyu]

Have you tried ssh-copy-id?, e.g.:

Code:

ssh-copy-id -i ~/.ssh/id_dsa root@HostX

If you still have trouble, use 'ssh -v' when connecting, to see debug output - maybe there will be a clue.

[alf55]

HI all.

I want to do ssh login into two different mechines on by one.I tried the following squence.but it is not working correctly.
For Ex I have 3 mechines Host1,Host2,Host3.
I need to login into Host2,Host3 using SSH from Host1.
I tried the following:
step 1:
-logged into Host 1
-execute ssh localhost
-execute ssh-keygen -t dsa
-execute scp ~/.ssh/id_dsa.pub Host2:.ssh/authorized_keys2
-exectue ssh -l root Host2
not get the prompt for password.
Then I tried to connect to Host3
step 2:
-logged into Host 1
-execute ssh localhost
-execute ssh-keygen -t dsa
-execute scp ~/.ssh/id_dsa.pub Host3:.ssh/authorized_keys2
-execute ssh -l root Host3
not get the prompt for password.
But after this I tried to connect Host2 from Host1 using
-ssh -l root Host2
I got the prompt for enetring pasword.
Is anyone know how to rectify this.

The problem is that you generated a new key in step 2 which replaced the first key. Also you should use "ssh-copy-id" rather than "scp" as the latter replaces the file at the destination end. This would remove any other keys that were present in the file. Also, you do not need to ssh into a box that you are logged into simply to generate a key or copy a key to a remote machine.

[Mudgen]

The other important thing that ssh-copy-id does for you is get the ownership and permissions right on the transferred items. ssh is very finicky about the ownership/perms of ~/.ssh and contents, and will not tell you much about what it doesn't like. In particular, authorized_keys has to belong to the user accepting the keys and be mode 600 (or tighter).

[PairOfBlanks2]

HI all.

I want to do ssh login into two different mechines on by one.I tried the following squence.but it is not working correctly.
For Ex I have 3 mechines Host1,Host2,Host3.
I need to login into Host2,Host3 using SSH from Host1.
I tried the following:
step 1:
-logged into Host 1
-execute ssh localhost
-execute ssh-keygen -t dsa
-execute scp ~/.ssh/id_dsa.pub Host2:.ssh/authorized_keys2
-exectue ssh -l root Host2
not get the prompt for password.
Then I tried to connect to Host3
step 2:
-logged into Host 1
-execute ssh localhost
-execute ssh-keygen -t dsa
-execute scp ~/.ssh/id_dsa.pub Host3:.ssh/authorized_keys2
-execute ssh -l root Host3
not get the prompt for password.
But after this I tried to connect Host2 from Host1 using
-ssh -l root Host2
I got the prompt for enetring pasword.
Is anyone know how to rectify this.

I notice, like others in this thread, that you are making new files on Host2 and Host3. Instead, the "id_dsa.pub" _contents_ must be _written_into_ ~/.ssh/authorized_keys. So then:

- Log in to Host 1
- ssh-keygen -t dsa
- scp ~/.ssh/id_dsa.pub Host2:.ssh/foobar
-------- Log in to Host2
-------- cat ~/.ssh/foobar >> ~/.ssh/authorized_keys
-------- rm ~/.ssh/foobar
-------- chmod 700 ~/.ssh
-------- chmod 600 ~/.ssh/authorized_keys
-------- # restart the sshd
-------- logout
- ssh-keygen -t dsa
- scp ~/.ssh/id_dsa.pub Host3:.ssh/foobar
-------- Log in to Host3
-------- cat ~/.ssh/foobar >> ~/.ssh/authorized_keys
-------- rm ~/.ssh/foobar
-------- chmod 700 ~/.ssh
-------- chmod 600 ~/.ssh/authorized_keys
-------- # restart the sshd
-------- logout
- # restart your sshd

I'm not entirely sure if restarting sshd is necessary though. Please reply back with your progress.

[nplusplus]

The blog post has been around for awhile, but you might be interested in something like this.

Configuring an SSH Gateway

N

[Mudgen]

I notice, like others in this thread, that you are making new files on Host2 and Host3. Instead, the "id_dsa.pub" _contents_ must be _written_into_ ~/.ssh/authorized_keys. So then:

- Log in to Host 1
- ssh-keygen -t dsa
- scp ~/.ssh/id_dsa.pub Host2:.ssh/foobar
-------- Log in to Host2
-------- cat ~/.ssh/foobar >> ~/.ssh/authorized_keys
-------- rm ~/.ssh/foobar
-------- chmod 700 ~/.ssh
-------- chmod 600 ~/.ssh/authorized_keys
-------- # restart the sshd
-------- logout
- ssh-keygen -t dsa
- scp ~/.ssh/id_dsa.pub Host3:.ssh/foobar
-------- Log in to Host3
-------- cat ~/.ssh/foobar >> ~/.ssh/authorized_keys
-------- rm ~/.ssh/foobar
-------- chmod 700 ~/.ssh
-------- chmod 600 ~/.ssh/authorized_keys
-------- # restart the sshd
-------- logout
- # restart your sshd

I'm not entirely sure if restarting sshd is necessary though. Please reply back with your progress.

Seriously, use ssh-copy-id, not scp. And restarting sshd is unnecessary when manipulating user keys.