Password less SSH using RSA/DSA public key helps a lot in automated file copying, scripts, cron, etc. but there found a trouble when a root equivalent user will try this mechanism.
It wont work if you just copy/append the public key to remote server's ~/.ssh/authorized_keys. The wrong thing here is when you generate public key it will make one with username root instead of the real user's name since the UID is 0. The hack to be done to fix this is just change the username at the end of the public key in authorized_keys at remote server.
. Change the username entry of Public key at remote location in authorized_keys from root to USER. If you have a single entry in authorized_keys you can run the below command. Otherwise open it in an editor and replace the ROOT with USERNAME for the specific key.
# sed -i 's/root/USER/g' /home/USER/.ssh/authorized_keys
Other general things to be taken care in SSH key mechanism are
· Set user and group of /home/USER to USER
# chown USER.USER –R /home/USER
· Changed the permission of /home/USER/.ssh to 700
# chown 700 /home/USER/.ssh
· Changed the permission of all files under /home/USER/.ssh to 600
# chmod go-rwx /home/USER/.ssh/*
· Use ssh –i /home/USER/.ssh/id_rsa option for password less authentication
· Restart SSHD.
Sunday, October 17, 2010
Subscribe to:
Posts (Atom)
AT&T USA | Internet not working | Fix by custom APN
If the AT&T Mobile internet is not working on your cellphone, it can be fixed easily by adding an APN configuration. You can read this a...
-
1. Open Applications -> System -> Configuration Editor from the GUI OR Open a terminal, type gconf-editor 2. Go to "...
-
#!/bin/bash # BASH Script to generate $EXTENSION files like FILE_fr.$EXTENSION,FILE_sp.$EXTENSION from existing FILE_$SEARCHSTRING.$EXTENSIO...
-
#!/bin/bash # Script to create a CSV formatted text with a file of a few lines having one entry per line. # This will merge the files line b...