ssh password less authentication doesn't work

sorry for posting common topic again. I read several similar question but I still haven’t found why it is not working. So let me describe what I did.
I generated private/public rsa key files on a different machine than client/server are.

Then I created ~/.ssh dir and copy over private key id_rsa on a client side, set appropriate owner and file permissions. On a server side I created again under the user I want connect to ~/.ssh put the public key into authorized keys.

When I tried ssh client to host it still requires password even though that keys were generated as password less.

Did I overlooked something obvious?

I also tried to find on a server side check the ssh log for details why it requires passwd – but /var/log/auth or /var/log/ssh doesn’t exist. Isn’t it enabled by default or do I need to change config of sshd and restart the service.

I’m using CentOS 6.

To Answer the questions:
~/.ssh on server side:

rw-------. hdfs hadoop  authorized_keys

rw-------. hdfs hadoop  config

rw-------. hdfs hadoop  id_rsa.pub

cnfig contains:

Host *
StrictHostKeyChecking no

~/.ssh on client side:

rw-------. hdfs hadoop authorized_keys

rw-------. hdfs hadoop config - the content is the same

rw-------. hdfs hadoop id_rsa

rw-r--r--. hdfs hadoop known_hosts 
  • this one were probably generated by my attempts

Here is Solutions:

We have many solutions to this problem, But we recommend you to use the first solution because it is tested & true solution that will 100% work for you.

Solution 1

In CentOS 6, there is a bug that prevents ssh RSA authentication from working as desired if selinux is in Enforcing mode.

You can disable selinux, or you can try the workaround below:

restorecon -R -v ~$USER/.ssh

Solution 2

These two lines from the ssh centos-howto solved the issue for me:

$ chmod 700 ~/.ssh
$ chmod 600 ~/.ssh/authorized_keys 

Solution 3

Can you try this. Add the following lines to ~/.ssh/config:

Host remotehost
 IdentityFile ~/.ssh/your_private_key

Note: Use and implement solution 1 because this method fully tested our system.
Thank you 🙂

All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

Leave a Reply