Top Posting as all the noise below may be of interest, but it may not be. Actually re-reading my post shows my irritation with Jan’s post. I guess that I’m here because of a significant and so far insoluable problem and I welcome any ideas or caveats, I think his tone trivializes my angst, appologies!
Jan I must assume that you have never done a password-less login to a high sierra machine and the tone of your questions betrays that. I have mumble (aah hell 40 years experience using unix and I have and do do many many password-less logins eg gathering data frrom an embedded logger) so the stock right-way is cute, but moot > On 3 Sep 2018, at 8:00 pm, [email protected] wrote: > >> but directly related to a port <smile> > > What port? actually openssh which works everywhere ( where works == password-less login NB nothing to do with pass-phrase) does not work on high sierra > >> I want password-less ssh login > > Create a password-less key and copy it into > ~/.ssh/authorized_keys on the remote site. > > Make sure that ~/.ssh is chmod 700 and authorized_keys is chmod 600 > if you are creating them from scratch. (The OS possibly did that for you > upon user creation.) > >> i usually copy the public key by hand, but I also used ssh-copy-id >> from 1_mac to another >> from 1_mac to itself >> from 1_mac to a plethora of linux machines and virtual machines >> >> 1_mac cannot login passwd-less to another. > > To another what? The original post made clear I called the first mac "mac-1" and the second mac “another" > What happens if you copy the key by hand, not relying on ssh-copy-id? > Have you checked that the key is actually installed there? By hand and with ssh-copy-id achieves identical results. I’ve also generated id_rsa and id_rsa.pub on linux machines (In case apple does something bizare) >> Passwd is requested then all is well. > > What password, if it's a password-less key? if public key auth fails then you fall back to password auth >> 1_mac CAN login to itself passwdless And with openssh that happens too. I’ve not tried user a login to user b, I shall try in the morning >> 1_mac CAN login to the linux boxes passwdless >> >> The logs show nothing of interest (-vvv, not tried to get server logs yet) > > You have succesfully logged in. The logs will say so. > What else do you expect to see there? Umm I’m confused. I see a password prompt not a shell prompt. I see too public_key auth failed wthi error 51 before password auth gets tried >> Google is full of stuff, eg since High Sierra Apple silently enforces a 2048 >> bit key, but nothing that actually solves the problem > > What problem? Again ummmm. Password-less login. I can see my suspition is not happening which was blank pass phrase is not allowed. > On Sep 01 17:45:13, [email protected] <mailto:[email protected]> wrote: >>> I want password-less ssh login >>> i usually copy the public key by hand, but I also used ssh-copy-id >> >> I've done that, but I think it involved temporarily enabling TELNET etc, >> then ye olde copy/paste of the public key. > > Why would you use TELNET to transfer your ssh key? > To completely defeat the purpose? I think one of the answers mentioned telnet, I certainly did not. James
