SOLVED Passwordless SSH - cannot get it to work what so ever. Please help.

[h2009]

Hi there,
I've been trying for 2 weeks now to get passwordless SSH to work between my freenas 8 box and Fedora 14 pc.

I've followed every guide on the internet I could find, but none of them work. I would very grateful if someone could help me resolve this issue.

Here is a typical guide I've followed http://blogs.translucentcode.org/mick/archives/000230.html

Below is the what I've done:

Code:

[username@billing ~]$ ssh-key -f freenasloginkey
bash: ssh-key: command not found...
[username@billing ~]$ ssh-keygen -f freenasloginkey
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in freenasloginkey.
Your public key has been saved in freenasloginkey.pub.
The key fingerprint is:
4f:ea:0b:f6:a9:f2:XX:XX:XX:77:48:7e:XX:XX:XX:XX username@billing.domain.co.uk
The key's randomart image is:
+--[ RSA 2048]----+
|     ooo         |
|    ..=.E .      |
|   o ..o.o o     |
|  . .  .  o      |
|     .  S .      |
|      .  +       |
|     .o.. .      |
|    o..+ .       |
|     +o.=.       |
+-----------------+
[username@billing ~]$ ssh-copy-id -i freenasloginkey.pub FreenasUsername@10.10.10.10
FreenasUsername@10.10.10.10's password: 
[username@billing ~]$ ssh -i freenasloginkey FreenasUsername@10.10.10.10
FreenasUsername@10.10.10.10's password: 
Last login: Fri Jun 17 02:35:29 2011 from 22.22.22.22
Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
	The Regents of the University of California.  All rights reserved.

FreeBSD 8.2-RELEASE-p1 (FREENAS.amd64) #4: Sat Apr 30 10:39:46 PDT 2011

	FreeNAS nanobsd (c) 2009-2010, The FreeNAS Development Team
	All rights reserved.
	FreeNAS is under the modified BSD license.

	For more information, documentation, help or support, go here:
 	http://freenas.org
Welcome to FreeNAS
$ cd .shh
cd: can't cd to .shh
$

 

[matthewowen01]

check the permissions of your home folder and deeper, only the owner may have access.

 

[h2009]

The permissions are all set to allow all (from the gui of freenas).
But can you see any error in my method being used?

 

[matthewowen01]

The permissions are all set to allow all (from the gui of freenas).
But can you see any error in my method being used?

your guide assumes you already have a .ssh folder in your home dir, you do not.
you're also doing funky things with ssh-keygen, just run ssh-keygen with no arguments.

here is my script for adding my key to servers, by using ssh-keygen with no arguments, all the defaults will line up nicely. now run

Code:

ssh $1 mkdir -p .ssh && cat ~/.ssh/id_rsa.pub | ssh $1 'cat >> .ssh/authorized_keys' && ssh $1 chmod -R 700 .ssh

replace $1 with the ip of your server. it will ask you for your password thrice, enter it. this will setup everything

 

[sysfu]

Resetting several folder permissions as per this post got passwordless SSH key logins working for me.

I'm copying the entire post below just in case it disappears for some reason
-Seth

==================================================

What you need to do to customize your server for passwordless authentication:

From WebGUI|Advanced|Execute command or shell protect the /mnt directory by setting the mode to 755(we don't want users to write on /mnt, that can fill up the RAM disk and crash the system . You must change the mod as startup command, after each reboot.

Code:

chmod 755 /mnt

For your safety change the mode for each mount, or at least one "mount".

Code:

chmod 755 /mnt/mount

Create the user(A) home directory /mnt/mount/userA

Code:

mkdir /mnt/mount/userAdir

Make userA the owner of his home directory

Code:

chown userA /mnt/mount/userAdir

Secure userA home directory

Code:

chmod 700 /mnt/mount/userAdir

Set userA home directory on WebGUI|Access|Users|Edit|Home directory to point to /mnt/mount/userAdir
From your remote client(ssh/PuTTy)
Check if home directory is set corectly for userA. The output should be /mnt/mount/userAdir

Code:

ssh -p 22 userA@FreeNASip 'pwd'

Create the .ssh directory

Code:

ssh -p 22 userA@FreeNASip 'mkdir .ssh'

Upload your id_rsa.pub or id_dsa.pub to remote .ssh directory.

Code:

cat id_rsa.pub | ssh -p 22 userA@FreeNASip 'cat >> .ssh/authorized_keys'

Change the .ssh dir mode

Code:

ssh -p 22 userA@FreeNASip 'chmod -R 700 ~/.ssh'

Now try to login passwordless

 

[Storms]

just wanted to say thanks for this... it was the permissions that were screwing me up!