EDIT: Mettere esattamente cosa è stato fattoCome ssh su localhost senza password?
Ho bisogno di SSH localhost senza password, il solito modo di farlo (con le chiavi pubbliche) non funziona.
[email protected]:~$ rm -rf .ssh/*
[email protected]:~$ ssh-keygen -t rsa > /dev/null
Enter file in which to save the key (/home/user/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
[email protected]:~$ ls .ssh/
id_rsa id_rsa.pub
[email protected]:~$ ssh-copy-id -i localhost
The authenticity of host 'localhost (::1)' can't be established.
RSA key fingerprint is f7:87:b5:4e:31:a1:72:11:8e:5f:d2:61:bd:b3:40:1a.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (RSA) to the list of known hosts.
[email protected]'s password:
Now try logging into the machine, with "ssh 'localhost'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
[email protected]:~$ ssh-agent $SHELL
[email protected]:~$ ssh-add -L
The agent has no identities.
[email protected]:~$ ssh-add
Identity added: /home/user/.ssh/id_rsa (/home/user/.ssh/id_rsa)
[email protected]:~$ ssh-add -L
ssh-rsa ...MY KEY HERE
[email protected]:~$ ssh-copy-id -i localhost
[email protected]'s password:
Now try logging into the machine, with "ssh 'localhost'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
[email protected]:~$ ssh localhost echo 'testing'
[email protected]'s password:
[email protected]:~$
Quindi, come potete vedere nella ultimo comando è ancora chiedendo la password! Come posso risolvere il problema? Ubuntu 10.04, OpenSSH_5.3p1
EDIT2:
Aggiunta di alcune informazioni circa lo sshd
[email protected]:~$ cat /etc/ssh/sshd_config | grep Authentication
# Authentication:
RSAAuthentication yes
PubkeyAuthentication yes
RhostsRSAAuthentication no
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
ChallengeResponseAuthentication no
# PasswordAuthentication yes
Edit3: Ading derivano da $ ssh -vv localhost
$ssh -vv localhost
...
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/user/.ssh/identity
debug1: Offering public key: /home/user/.ssh/id_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/user/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug1: Next authentication method: password
[email protected]'s password:
Funziona come un fascino! Grazie –
Posso ssh senza password senza utilizzare il passaggio 3? Quando dovrei fare il passaggio 3? –
@Rich: è solo per proteggersi da ciò che [@shipr cita nella sua risposta di seguito] (http://stackoverflow.com/a/10744443/98528). Se il tuo '~/.ssh/authorized_keys' era già esistente e aveva le autorizzazioni corrette, (3.) non è necessario, ma non danneggia. – akavel