On 24 Feb 2006, at 12:28, conor at discuskeeping.com wrote:
> 1. I have copied id_rsa.pub across to accounts (oracle) on two nodes
> 2. Testing ssh machine1 or ssh machine2 both allow access with rsa keys
> 3. ssh machine1 date
> works, no password needed.
> 4. ssh machine2 date
> prompts for the passwd.
EINCONSISTENT - you said in 2. that "ssh machine1 or ssh machine2 both
allow access with rsa keys bi-directionally" (though I'm not sure what
you mean by bidirectionally) but then you said in 4. that ssh
machine2 date asks for a password. So can you clarify what the problem
is, and what you want to do?
I find that very many ssh key forwarding problems are permission
related, even when you're sure they're not :-) I also find that the ssh
debug methods of choice are
1) ssh -v from local to remote (but often not too helpful)
2) Run a debugging server on remote with
sshd -d -p 222
which will stay in the foreground.
and then from local run ssh -p 222 remote
The output from the sshd is often most informative.
A further variant on that is to run
sshd -d -f /dev/null -p 222
which can help see if something in your sshd configuration file is
> The only difference I can tell is :
>> [root at machine2 ~]# ps -ef | grep -i ssh-agent
> oracle 30200 1 0 Feb23 ? 00:00:00 ssh-agent
> root 12106 6136 0 13:06 pts/1 00:00:00 grep -i ssh-agent
>> [root at machine1 ~]# ps -ef | grep -i ssh-agent
> root 10188 1 0 Feb21 ? 00:00:00 /usr/bin/ssh-agent -s
> root 17188 14080 0 13:03 pts/1 00:00:00 grep -i ssh-agent
red herrings - the ssh agent you're concerned with is the one running
on your LOCAL box. the above are ssh agents running for oracle (on
machine2) and for root (on machine1) but they have nothing to do with
your ssh connections from your local box.
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!