I know this question has been asked, but I'm certain I've done what all the other answers suggest.
Machine A:
- used keygen -t rsa to create id_rsa.pub in ~/.ssh/
- copied Machine A's id_rsa.pub to Machine B user's home directory
- Made the file permissions of id_rsa.pub 600
Machine B
- added Machine A's pub key to authorised_keys and authorised_keys2: cat ~/id_rsa.pub >> ~/.ssh/authorised_keys2
- made the file permissions of id_rsa.pub 600
I've also ensured both the .ssh directories have the permission 700 on both machine A and B.
If I try to login to machine B from machine A, I get asked for the password, not the ssh pass phrase.
I've got the root users on both machines to talk to each other using password-less ssh, but I can't get a normal user to do it.
Do the user names have to be the same on both sides? Or is there some setting else where I've missed.
Machine A is a Ubuntu 10.04 virtual machine running inside VirtualBox on a Windows 7 PC, Machine B is a dedicated Ubuntu 9.10 server
UPDATE : I've run ssh with the option -vvv, which provides many many lines of output, but this is the last few commands:
debug3: check_host_in_hostfile: filename /home/pete/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug1: Host '192.168.1.19' is known and matches the RSA host key.
debug1: Found key in /home/pete/.ssh/known_hosts:1
debug2: bits set: 504/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: Wrote 16 bytes for a total of 1015
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug3: Wrote 48 bytes for a total of 1063
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/pete/.ssh/identity ((nil))
debug2: key: /home/pete/.ssh/id_rsa (0x7ffe1baab9d0)
debug2: key: /home/pete/.ssh/id_dsa ((nil))
debug3: Wrote 64 bytes for a total of 1127
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-keyex,gssapi-with-mic,gssapi,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/pete/.ssh/identity
debug3: no such identity: /home/pete/.ssh/identity
debug1: Offering public key: /home/pete/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug3: Wrote 368 bytes for a total of 1495
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/pete/.ssh/id_dsa
debug3: no such identity: /home/pete/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
Use
ssh-copy-id
to copy your keys; it will create any necessary files/directories and fix any broken permissions along the way.file name has to be:
authorized_keys2
and it should bechmod 600
.* UPDATE * : provide output of following (from a remote server):
Is SELinux enabled? (use:
getenforce
), are you gettingPermissive
orEnfrocing
?