SSH with RSA keys


linuxhardlife
05-08-2006, 04:30 AM
Hi,
I am trying to set up passwordless logins for access to an application on a server. The application can be run in a console, and I want to suppress server logins by using RSA keys and not having to enter a server password.

I have set up RSA keys and copied these to the server, and the server is now also listed in the known hosts file, but it still prompts for a password to log in.

I run a script to log in and start the program, and I have run this in verbose mode to get the debug output.

debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to burwood1 [192.168.10.4] port 22.
debug1: Connection established.
debug1: identity file /home/jwalker/.ssh/identity type -1
debug1: identity file /home/jwalker/.ssh/id_rsa type 1
debug1: identity file /home/jwalker/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.4p1
debug1: match: OpenSSH_3.4p1 pat OpenSSH_3.*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'burwood1' is known and matches the RSA host key.
debug1: Found key in /home/jwalker/.ssh/known_hosts:14
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/jwalker/.ssh/identity
debug1: Offering public key: /home/jwalker/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/jwalker/.ssh/id_dsa
debug1: Next authentication method: password
sageuser@burwood1's password:

Any help with this would be great..

cybertron
05-08-2006, 10:51 AM
You made sure you put the public key in ~/.ssh/authorized_keys on the server, right?

linuxhardlife
05-09-2006, 12:00 AM
Sure did, they are in the user's directory that is logging on...

mkrenz
05-09-2006, 05:32 PM
Some things to check which are usually the problem. The first three only matter if StrictModes on is set in /etc/ssh/sshd_config on the server.


Make sure the permissions on /home/sageuser are not group or world writeable
Make sure the permissions on /home/sageuser/.ssh are 700
Make sure the permissions on /home/sageuser/.ssh/authorized_keys are 600
Try putting the public key in /home/sageuser/.ssh/authorized_keys2 instead because SSHv2 keys sometimes need to go there.
Make sure the key is all on one line and that it is not broken over multiple lines.
Does your server have PubkeyAuthentication set to yes?


One thing about empty passphrases, I would recommend that you do forced commands so that people can't run anything but what you intend them to. Put something like this in your authorized_keys file:

command="/usr/bin/sage" ssh-rsa AAAA35873JJKDGF.....

linuxhardlife
05-09-2006, 10:59 PM
Problem Fixed...

The issue was with the security. I changed the permissions on the server to 600 and then I received another message when trying to log on that said that the permissions were too open for SSH2. When the RSA files were created in the user's local directory the permissions were 644; I then changed these to 600 as well and they were able to log on again without the password.

Thanks for the help...
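
Added example, not part of the original thread: a Python function that runs the checks discussed above in one pass, covering the server-side StrictModes conditions (group/world-writable or wrongly owned home, ~/.ssh, authorized_keys), keys wrapped over several lines, and the client-side private key mode that caused the "too open" message. The name `audit_ssh_perms`, its parameters and the key-type prefix list are assumptions made for this example, and the wrapped-line check is a heuristic.

```python
import os
import stat

# Assumed prefixes of public key type names (ssh-rsa, ecdsa-sha2-..., sk-...).
KEY_PREFIXES = ("ssh-", "ecdsa-sha2-", "sk-")

def audit_ssh_perms(home, uid, private_key=None):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    ssh_dir = os.path.join(home, ".ssh")
    auth_keys = os.path.join(ssh_dir, "authorized_keys")

    # Server side: with StrictModes, sshd ignores authorized_keys when the
    # home directory, ~/.ssh or the file itself is group/world-writable or
    # owned by someone other than the user or root.
    for path in (home, ssh_dir, auth_keys):
        try:
            st = os.stat(path)
        except FileNotFoundError:
            findings.append(f"{path}: missing")
            continue
        mode = stat.S_IMODE(st.st_mode)
        if mode & 0o022:
            findings.append(f"{path}: mode {mode:04o} is group/world-writable")
        if st.st_uid not in (0, uid):
            findings.append(f"{path}: owned by uid {st.st_uid}, expected {uid} or root")

    # Each entry must sit on one line: [options] keytype base64 [comment].
    # A wrapped key leaves a continuation line with no key type token in it.
    if os.path.isfile(auth_keys):
        with open(auth_keys, encoding="utf-8", errors="replace") as fh:
            for num, line in enumerate(fh, 1):
                line = line.strip()
                if not line or line.startswith("#"):
                    continue
                if not any(tok.startswith(KEY_PREFIXES) for tok in line.split()):
                    findings.append(f"{auth_keys}:{num}: no key type, entry may be wrapped")

    # Client side: ssh refuses a private key that group or others can access.
    if private_key is not None:
        mode = stat.S_IMODE(os.stat(private_key).st_mode)
        if mode & 0o077:
            findings.append(f"{private_key}: mode {mode:04o} is too open, use 600")
    return findings
```

Run the server-side part on the server with the login account's home and uid, and the private-key part on the client; each finding maps to a `chmod` or `chown` on the named path.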