Change this line as shown to disable passwords (PKI keys only): PasswordAuthentication no
And for security reasons, you should also change this one as shown (Did you change this one to disable passwords? If so, it was the wrong one): PermitEmptyPasswords no Jeremiah E. Bess Network Ninja, Penguin Geek, Father of five. <https://plus.google.com/u/0/103182072532361592558> <https://www.facebook.com/jeremiahbess> <http://www.linkedin.com/profile/view?id=47451026> On Fri, Feb 17, 2012 at 11:42, Scott Vargovich <[email protected]>wrote: > http://pastebin.com/qqd95rhs > > > On Fri, Feb 17, 2012 at 1:32 PM, Jeremiah Bess <[email protected]>wrote: > >> It's still saying it can use passwords. Can you post your sshd_config? >> >> >> Jeremiah E. Bess >> Network Ninja, Penguin Geek, Father of five. >> >> <https://plus.google.com/u/0/103182072532361592558> >> <https://www.facebook.com/jeremiahbess> >> <http://www.linkedin.com/profile/view?id=47451026> >> >> >> >> On Fri, Feb 17, 2012 at 11:23, Scott Vargovich <[email protected]>wrote: >> >>> http://pastebin.com/6y8tpcmA >>> >>> >>> On Fri, Feb 17, 2012 at 1:19 PM, Scott Vargovich <[email protected] >>> > wrote: >>> >>>> Yes I have console access. I'll do that and fire you another pastebin. >>>> >>>> >>>> On Fri, Feb 17, 2012 at 1:16 PM, Jeremiah Bess <[email protected] >>>> > wrote: >>>> >>>>> Hmm...hard to troubleshoot over email. Do you have console access to >>>>> the ssh server? If so, change the sshd_config so it does not allow >>>>> passwords, restart sshd and try again. Use verbose output from ssh on the >>>>> client-side, and post the output. >>>>> >>>>> >>>>> Jeremiah E. Bess >>>>> Network Ninja, Penguin Geek, Father of five. >>>>> >>>>> <https://plus.google.com/u/0/103182072532361592558> >>>>> <https://www.facebook.com/jeremiahbess> >>>>> <http://www.linkedin.com/profile/view?id=47451026> >>>>> >>>>> >>>>> >>>>> On Fri, Feb 17, 2012 at 11:13, Scott Vargovich <[email protected] >>>>> > wrote: >>>>> >>>>>> That's not my issue. >>>>>> >>>>>> On Fri, Feb 17, 2012 at 1:09 PM, Jeremiah Bess < >>>>>> [email protected]> wrote: >>>>>> >>>>>>> When I've run into that problem, it was typically something with one >>>>>>> the key files. Check to make sure in each key file that it is a single >>>>>>> line >>>>>>> per key. >>>>>>> >>>>>>> >>>>>>> Jeremiah E. Bess >>>>>>> Network Ninja, Penguin Geek, Father of five. >>>>>>> >>>>>>> <https://plus.google.com/u/0/103182072532361592558> >>>>>>> <https://www.facebook.com/jeremiahbess> >>>>>>> <http://www.linkedin.com/profile/view?id=47451026> >>>>>>> >>>>>>> >>>>>>> >>>>>>> On Fri, Feb 17, 2012 at 11:07, Scott Vargovich < >>>>>>> [email protected]> wrote: >>>>>>> >>>>>>>> ... and I did remember to restart ssh on the server. >>>>>>>> >>>>>>>> >>>>>>>> On Fri, Feb 17, 2012 at 1:05 PM, Jeremiah Bess < >>>>>>>> [email protected]> wrote: >>>>>>>> >>>>>>>>> Let us know when you get it working, or if you run into any other >>>>>>>>> problems. >>>>>>>>> >>>>>>>>> >>>>>>>>> Jeremiah E. Bess >>>>>>>>> Network Ninja, Penguin Geek, Father of five. >>>>>>>>> >>>>>>>>> <https://plus.google.com/u/0/103182072532361592558> >>>>>>>>> <https://www.facebook.com/jeremiahbess> >>>>>>>>> <http://www.linkedin.com/profile/view?id=47451026> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> On Fri, Feb 17, 2012 at 11:01, Scott Vargovich < >>>>>>>>> [email protected]> wrote: >>>>>>>>> >>>>>>>>>> Duh!!! I knew that! I'm having another one of those - what my >>>>>>>>>> wifey calls - Scott *BRAINDEAD* days. >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> On Fri, Feb 17, 2012 at 12:58 PM, Jeremiah Bess < >>>>>>>>>> [email protected]> wrote: >>>>>>>>>> >>>>>>>>>>> You can do a scp transfer from the server to the client to get >>>>>>>>>>> the key, since it looks like you have password-access: >>>>>>>>>>> scp user@server:\locationofprivatekey ~/.ssh/id_rsa >>>>>>>>>>> >>>>>>>>>>> If you have a different port, use the -p option of scp: >>>>>>>>>>> scp -p 1234 user@server:\locationofprivatekey ~/.ssh/id_rsa >>>>>>>>>>> >>>>>>>>>>> Jeremiah E. Bess >>>>>>>>>>> Network Ninja, Penguin Geek, Father of five. >>>>>>>>>>> >>>>>>>>>>> <https://plus.google.com/u/0/103182072532361592558> >>>>>>>>>>> <https://www.facebook.com/jeremiahbess> >>>>>>>>>>> <http://www.linkedin.com/profile/view?id=47451026> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> On Fri, Feb 17, 2012 at 10:49, Scott Vargovich < >>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>> >>>>>>>>>>>> Ok - here are the answers to your battery of questions... >>>>>>>>>>>> >>>>>>>>>>>> 1. Yes >>>>>>>>>>>> 2. >>>>>>>>>>>> -rw------- 1 scott scott 793 2010-10-08 15:01 authorized_keys >>>>>>>>>>>> -rw------- 1 scott scott 670 2011-08-12 14:19 authorized_keys2 >>>>>>>>>>>> >>>>>>>>>>>> The pub key is saved in the authorized_keys file. >>>>>>>>>>>> >>>>>>>>>>>> 3. >>>>>>>>>>>> drwx------ 2 scott scott 117 2012-02-17 10:53 .ssh >>>>>>>>>>>> >>>>>>>>>>>> 4. Yes >>>>>>>>>>>> 5. >>>>>>>>>>>> scott@bletchley:~/.ssh$ ls >>>>>>>>>>>> authorized_keys known_hosts >>>>>>>>>>>> >>>>>>>>>>>> 6. No file to have permissions on. >>>>>>>>>>>> 7. >>>>>>>>>>>> drwx------ 2 scott users 4096 Feb 17 11:07 .ssh >>>>>>>>>>>> >>>>>>>>>>>> It appears I have fubared copying the server's pub key to the >>>>>>>>>>>> client. I use a high non-standard port for openssh_server, so the >>>>>>>>>>>> copy >>>>>>>>>>>> command didn't work properly. What would be the easiest way to >>>>>>>>>>>> copy that >>>>>>>>>>>> file using a port other than 22 for openssh_server? >>>>>>>>>>>> >>>>>>>>>>>> On Fri, Feb 17, 2012 at 12:01 PM, Jeremiah Bess < >>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>> >>>>>>>>>>>>> Oooo! I can help with this. I use this all the time, love it. >>>>>>>>>>>>> >>>>>>>>>>>>> The bletchley.domain_not_set.invalid is the name of the >>>>>>>>>>>>> computer you are SSHing from. That really doesn't have anything >>>>>>>>>>>>> to do with >>>>>>>>>>>>> passwordless login. >>>>>>>>>>>>> >>>>>>>>>>>>> 1. Do you have the your public key saved in the >>>>>>>>>>>>> ~/.ssh/authorized_keys file on your SSH server? >>>>>>>>>>>>> 2. What are the permissions on that file? >>>>>>>>>>>>> 3. What are the permissions on that folder? >>>>>>>>>>>>> 4. Have you altered the /etc/ssh/sshd_config on the server >>>>>>>>>>>>> to have the line, "PubkeyAuthentication yes" >>>>>>>>>>>>> 5. On your SSH client, do you have your public key saved >>>>>>>>>>>>> in ~/.ssh/id_rsa or ~/.ssh/id_dsa? >>>>>>>>>>>>> 6. What are the permissions on that file? >>>>>>>>>>>>> 7. What are the permissions on that folder? >>>>>>>>>>>>> >>>>>>>>>>>>> Let's work with that stuff first. >>>>>>>>>>>>> >>>>>>>>>>>>> Jeremiah E. Bess >>>>>>>>>>>>> Network Ninja, Penguin Geek, Father of five. >>>>>>>>>>>>> >>>>>>>>>>>>> <https://plus.google.com/u/0/103182072532361592558> >>>>>>>>>>>>> <https://www.facebook.com/jeremiahbess> >>>>>>>>>>>>> <http://www.linkedin.com/profile/view?id=47451026> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> On Fri, Feb 17, 2012 at 09:46, Scott Vargovich < >>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>> >>>>>>>>>>>>>> Here's my pastebin: >>>>>>>>>>>>>> >>>>>>>>>>>>>> http://pastebin.com/QcVqVqDR >>>>>>>>>>>>>> >>>>>>>>>>>>>> I tried to set up passwordless login by following this page: >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> http://www.thegeekstuff.com/2008/11/3-steps-to-perform-ssh-login-without-password-using-ssh-keygen-ssh-copy-id/ >>>>>>>>>>>>>> >>>>>>>>>>>>>> I tried commenting out the 'domain_not_set.invalid' line in >>>>>>>>>>>>>> /etc/resolv.conf, which did nothing. >>>>>>>>>>>>>> >>>>>>>>>>>>>> I'm running Arch Linux. I'm not sure if the domain not set >>>>>>>>>>>>>> issue is related to my trying to set up passwordless login. The >>>>>>>>>>>>>> first time >>>>>>>>>>>>>> I noticed it was right after I tried this hack. I searched >>>>>>>>>>>>>> duckduckgo.com and couldn't find a solved mailing list post. >>>>>>>>>>>>>> HELP?!?!?! >>>>>>>>>>>>>> >>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>> -- >>>>>>>>>>>>>> <>< Scott Vargovich <>< >>>>>>>>>>>>>> ------------------------------------------ >>>>>>>>>>>>>> OpenPGP Key ID: F8F5DC7E >>>>>>>>>>>>>> ------------------------------------------ >>>>>>>>>>>>>> >>>>>>>>>>>>>> -- >>>>>>>>>>>>>> You received this message because you are subscribed to the >>>>>>>>>>>>>> Linux Users Group. >>>>>>>>>>>>>> To post a message, send email to >>>>>>>>>>>>>> [email protected] >>>>>>>>>>>>>> To unsubscribe, send email to >>>>>>>>>>>>>> [email protected] >>>>>>>>>>>>>> For more options, visit our group at >>>>>>>>>>>>>> http://groups.google.com/group/linuxusersgroup >>>>>>>>>>>>>> References can be found at: http://goo.gl/anqri >>>>>>>>>>>>>> Please remember to abide by our list rules ( >>>>>>>>>>>>>> http://tinyurl.com/LUG-Rules or >>>>>>>>>>>>>> http://cdn.fsdev.net/List-Rules.pdf) >>>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> -- >>>>>>>>>>>>> You received this message because you are subscribed to the >>>>>>>>>>>>> Linux Users Group. >>>>>>>>>>>>> To post a message, send email to >>>>>>>>>>>>> [email protected] >>>>>>>>>>>>> To unsubscribe, send email to >>>>>>>>>>>>> [email protected] >>>>>>>>>>>>> For more options, visit our group at >>>>>>>>>>>>> http://groups.google.com/group/linuxusersgroup >>>>>>>>>>>>> References can be found at: http://goo.gl/anqri >>>>>>>>>>>>> Please remember to abide by our list rules ( >>>>>>>>>>>>> http://tinyurl.com/LUG-Rules or >>>>>>>>>>>>> http://cdn.fsdev.net/List-Rules.pdf) >>>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> -- >>>>>>>>>>>> <>< Scott Vargovich <>< >>>>>>>>>>>> ------------------------------------------ >>>>>>>>>>>> OpenPGP Key ID: F8F5DC7E >>>>>>>>>>>> ------------------------------------------ >>>>>>>>>>>> >>>>>>>>>>>> -- >>>>>>>>>>>> You received this message because you are subscribed to the >>>>>>>>>>>> Linux Users Group. >>>>>>>>>>>> To post a message, send email to >>>>>>>>>>>> [email protected] >>>>>>>>>>>> To unsubscribe, send email to >>>>>>>>>>>> [email protected] >>>>>>>>>>>> For more options, visit our group at >>>>>>>>>>>> http://groups.google.com/group/linuxusersgroup >>>>>>>>>>>> References can be found at: http://goo.gl/anqri >>>>>>>>>>>> Please remember to abide by our list rules ( >>>>>>>>>>>> http://tinyurl.com/LUG-Rules or >>>>>>>>>>>> http://cdn.fsdev.net/List-Rules.pdf) >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> -- >>>>>>>>>>> You received this message because you are subscribed to the >>>>>>>>>>> Linux Users Group. >>>>>>>>>>> To post a message, send email to >>>>>>>>>>> [email protected] >>>>>>>>>>> To unsubscribe, send email to >>>>>>>>>>> [email protected] >>>>>>>>>>> For more options, visit our group at >>>>>>>>>>> http://groups.google.com/group/linuxusersgroup >>>>>>>>>>> References can be found at: http://goo.gl/anqri >>>>>>>>>>> Please remember to abide by our list rules ( >>>>>>>>>>> http://tinyurl.com/LUG-Rules or >>>>>>>>>>> http://cdn.fsdev.net/List-Rules.pdf) >>>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> -- >>>>>>>>>> <>< Scott Vargovich <>< >>>>>>>>>> ------------------------------------------ >>>>>>>>>> OpenPGP Key ID: F8F5DC7E >>>>>>>>>> ------------------------------------------ >>>>>>>>>> >>>>>>>>>> -- >>>>>>>>>> You received this message because you are subscribed to the Linux >>>>>>>>>> Users Group. >>>>>>>>>> To post a message, send email to [email protected] >>>>>>>>>> To unsubscribe, send email to >>>>>>>>>> [email protected] >>>>>>>>>> For more options, visit our group at >>>>>>>>>> http://groups.google.com/group/linuxusersgroup >>>>>>>>>> References can be found at: http://goo.gl/anqri >>>>>>>>>> Please remember to abide by our list rules ( >>>>>>>>>> http://tinyurl.com/LUG-Rules or >>>>>>>>>> http://cdn.fsdev.net/List-Rules.pdf) >>>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> You received this message because you are subscribed to the Linux >>>>>>>>> Users Group. >>>>>>>>> To post a message, send email to [email protected] >>>>>>>>> To unsubscribe, send email to >>>>>>>>> [email protected] >>>>>>>>> For more options, visit our group at >>>>>>>>> http://groups.google.com/group/linuxusersgroup >>>>>>>>> References can be found at: http://goo.gl/anqri >>>>>>>>> Please remember to abide by our list rules ( >>>>>>>>> http://tinyurl.com/LUG-Rules or >>>>>>>>> http://cdn.fsdev.net/List-Rules.pdf) >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> <>< Scott Vargovich <>< >>>>>>>> ------------------------------------------ >>>>>>>> OpenPGP Key ID: F8F5DC7E >>>>>>>> ------------------------------------------ >>>>>>>> >>>>>>>> -- >>>>>>>> You received this message because you are subscribed to the Linux >>>>>>>> Users Group. >>>>>>>> To post a message, send email to [email protected] >>>>>>>> To unsubscribe, send email to >>>>>>>> [email protected] >>>>>>>> For more options, visit our group at >>>>>>>> http://groups.google.com/group/linuxusersgroup >>>>>>>> References can be found at: http://goo.gl/anqri >>>>>>>> Please remember to abide by our list rules ( >>>>>>>> http://tinyurl.com/LUG-Rules or http://cdn.fsdev.net/List-Rules.pdf >>>>>>>> ) >>>>>>>> >>>>>>> >>>>>>> -- >>>>>>> You received this message because you are subscribed to the Linux >>>>>>> Users Group. >>>>>>> To post a message, send email to [email protected] >>>>>>> To unsubscribe, send email to >>>>>>> [email protected] >>>>>>> For more options, visit our group at >>>>>>> http://groups.google.com/group/linuxusersgroup >>>>>>> References can be found at: http://goo.gl/anqri >>>>>>> Please remember to abide by our list rules ( >>>>>>> http://tinyurl.com/LUG-Rules or http://cdn.fsdev.net/List-Rules.pdf) >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> <>< Scott Vargovich <>< >>>>>> ------------------------------------------ >>>>>> OpenPGP Key ID: F8F5DC7E >>>>>> ------------------------------------------ >>>>>> >>>>>> -- >>>>>> You received this message because you are subscribed to the Linux >>>>>> Users Group. >>>>>> To post a message, send email to [email protected] >>>>>> To unsubscribe, send email to >>>>>> [email protected] >>>>>> For more options, visit our group at >>>>>> http://groups.google.com/group/linuxusersgroup >>>>>> References can be found at: http://goo.gl/anqri >>>>>> Please remember to abide by our list rules ( >>>>>> http://tinyurl.com/LUG-Rules or http://cdn.fsdev.net/List-Rules.pdf) >>>>>> >>>>> >>>>> -- >>>>> You received this message because you are subscribed to the Linux >>>>> Users Group. >>>>> To post a message, send email to [email protected] >>>>> To unsubscribe, send email to >>>>> [email protected] >>>>> For more options, visit our group at >>>>> http://groups.google.com/group/linuxusersgroup >>>>> References can be found at: http://goo.gl/anqri >>>>> Please remember to abide by our list rules ( >>>>> http://tinyurl.com/LUG-Rules or http://cdn.fsdev.net/List-Rules.pdf) >>>>> >>>> >>>> >>>> >>>> -- >>>> <>< Scott Vargovich <>< >>>> ------------------------------------------ >>>> OpenPGP Key ID: F8F5DC7E >>>> ------------------------------------------ >>>> >>> >>> >>> >>> -- >>> <>< Scott Vargovich <>< >>> ------------------------------------------ >>> OpenPGP Key ID: F8F5DC7E >>> ------------------------------------------ >>> >>> -- >>> You received this message because you are subscribed to the Linux Users >>> Group. >>> To post a message, send email to [email protected] >>> To unsubscribe, send email to >>> [email protected] >>> For more options, visit our group at >>> http://groups.google.com/group/linuxusersgroup >>> References can be found at: http://goo.gl/anqri >>> Please remember to abide by our list rules (http://tinyurl.com/LUG-Rulesor >>> http://cdn.fsdev.net/List-Rules.pdf) >>> >> >> -- >> You received this message because you are subscribed to the Linux Users >> Group. >> To post a message, send email to [email protected] >> To unsubscribe, send email to >> [email protected] >> For more options, visit our group at >> http://groups.google.com/group/linuxusersgroup >> References can be found at: http://goo.gl/anqri >> Please remember to abide by our list rules (http://tinyurl.com/LUG-Rulesor >> http://cdn.fsdev.net/List-Rules.pdf) >> > > > > -- > <>< Scott Vargovich <>< > ------------------------------------------ > OpenPGP Key ID: F8F5DC7E > ------------------------------------------ > > -- > You received this message because you are subscribed to the Linux Users > Group. > To post a message, send email to [email protected] > To unsubscribe, send email to [email protected] > For more options, visit our group at > http://groups.google.com/group/linuxusersgroup > References can be found at: http://goo.gl/anqri > Please remember to abide by our list rules (http://tinyurl.com/LUG-Rulesor > http://cdn.fsdev.net/List-Rules.pdf) > -- You received this message because you are subscribed to the Linux Users Group. To post a message, send email to [email protected] To unsubscribe, send email to [email protected] For more options, visit our group at http://groups.google.com/group/linuxusersgroup References can be found at: http://goo.gl/anqri Please remember to abide by our list rules (http://tinyurl.com/LUG-Rules or http://cdn.fsdev.net/List-Rules.pdf)
