Many people responded, and as always, I am impressed with the quality and volume of responses from the list! Kudos go to Crist Clark for pointing out a typo in my configuration.... I had added the public file to $HOME/.ssh/authorized_hosts instead of $HOME/.ssh/authorized_keys Shame on me for not double checking *everything*.... even the simple stuff you know you can't screw up! Other suggestions included checking the permissions on the .ssh directory and files therein (they were ok), running the sshd daemon in debug mode (gives more useful info than the client) and an interesting (though in this case not relevant) reference to key interoperability between Sun/OpenSSH and SSH.COM implementations (http://www.netsys.com/cgi-bin/display_article.cgi?1254). Many thanks to the following for their responses: John Julian Len Rose Ian Wallace Ryan Bishop Dan Lowe Jesse Trucks Ben Green Darren Dunham Crist Clark -Adam ------------ Original Question ------------- >Hi All... > >Been banging my head on this one for a while.... perhaps someone out there >can offer some advice. > >In the past, I've set up ssh key-based authentication using RSA keys with >empty passwords for restricted accounts and scriptable scp file >copies. Last time I had to set this up, it was between a Solaris 8 box >with OpenSSH and an OpenBSD box. The whole process took about 10 minutes >to get working. > >I have a situation here with Solaris 8 and Solaris 9 servers where I'm >trying to set up the same sort of thing. I know that the stock ssh on Sol >9 doesn't support key-based auth, so I replaced it with OpenSSH 3.5p1 - >same version that is installed on my Solaris 8 box. > >I generate rsa keys: > >$ ssh-keygen -t rsa > >Copy the id_rsa.pub file to the target box and add the contents of the >file to the .ssh/authorized_hosts file. > >That *should* be sufficient, and yet, it doesn't work: > >debug1: authentications that can continue: >publickey,password,keyboard-interactive >debug1: next auth method to try is publickey >debug1: userauth_pubkey_agent: testing agent key >/export/home/catrep/.ssh/id_rsa >debug1: authentications that can continue: >publickey,password,keyboard-interactive >debug1: try privkey: /export/home/catrep/.ssh/identity >debug1: try privkey: /export/home/catrep/.ssh/id_rsa >debug1: read PEM private key done: type RSA >debug1: authentications that can continue: >publickey,password,keyboard-interactive >debug1: try privkey: /export/home/catrep/.ssh/id_dsa >debug1: next auth method to try is keyboard-interactive >debug1: authentications that can continue: >publickey,password,keyboard-interactive >debug1: next auth method to try is password > > >The same behavior is evident when using ssh-agent first: > >$ eval `/usr/local/bin/ssh-agent` >$ /usr/local/bin/ssh-add > > >My sshd_config file contains: > >RSAAuthentication yes >PubkeyAuthentication yes >AuthorizedKeysFile .ssh/authorized_keys > > > >Any ideas? > >Thanks in advance, will summarize to the list. > >-Adam _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagersReceived on Tue Apr 1 13:34:36 2003
This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:43:08 EST