1

I am trying to get passwordless SSH authentication to work from a Windows 7 machine to local server.

  1. Windows machine: My login name in this machine is MY_LOGIN_NAME. I am using Cygwin as the command line.

  2. CentOS 5.5 Server: I have admin privileges on this server; logged in as root.

Here is what I have done so far:

  1. Logged into MY_LOGIN_NAME on the Windows machine, I ssh-config-usered from the Cygwin command line. This created (at least) RSA public and private keys in C:/Users/MY_LOGIN_NAME/.ssh

  2. I copied the public key over to the server to the .ssh directory using scp.

    scp id-rsa.pub [email protected]:.ssh/id-rsa.pub

  3. Then I tried to log into the server using ssh like so:

    ssh -i id_rsa [email protected]

But it still asks me for my password. What am I missing?

Improve this question

2 Answers 2

Reset to default
5

The problem is your step 2. You overwrote [email protected] public key with your Cygwin public key. That's not what you want.

You should, instead, add your public key to [email protected] authorized keys. This can be done manually appending your id-rsa.pub to /root/.ssh/autorized_keys (on CentOS), or automagically running ssh-copy-id on Cygwin.

ssh-copy-id [email protected]

It will prompt for your password and then you should be fine.

Also, you should recover [email protected] public key, or generate a new pair, if it's not inconvenient.

Improve this answer
1
  • Please note that even with the proper keys in place, unless the client side is running an ssh-agent with the appropriate key loaded, an ssh connection attempt will prompt for password/passphrase (of course, that is unless prohibited by some other configuration values).
    – Codex24
    Commented Mar 19, 2018 at 19:27
1

Also, be aware of the PermitRootLogin option available in the server-side /etc/ssh/sshd_config file, which is described, 

PermitRootLogin
Specifies whether root can log in using ssh(1). The argument must be "yes",
"without-password", "forced-commands-only", or "no". The default is "yes".

If this option is set to "without-password", password authentication is
disabled for root.

Setting it to "without-password" has the effect of only allowing root to log in through ssh by having an authorized public key in place, which keeps Mallory from attempting to brute-force root's password. However, failure to authenticate via authorized public key manifests as repeated password prompts, which can be confusing.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .