I have an account called mdmbuild on my machine that does not have a password. It's a headless account. I have ssh public and private keys for the account. The public keys are already there on the machine I want to log on to. But the problem is the remote machine is not accepting my private keys as they were generated on a different machine.
Say keys were generated on saturn and public keys copied to venus. My mars machine has the private keys but venus won't accept it as it has public keys generated on saturn. Is there any way I can login on venus with the keys I have got? mdmbuild does not have a password. The only way to login is with the keys.
debug1: Trying RSA authentication with key '/home/mdmbuild/.ssh/vault-identity' debug1: Remote: Your host 'hostname.com' is not permitted to use this key for login. debug1: Server refused our key.
In article <368235fa-2308-4f60-907b-4927d3560...@u12g2000prd.googlegroups.com>,
rahul <rahulsin...@gmail.com> wrote: > I have an account called mdmbuild on my machine that does not have a > password. It's a headless account. I have ssh public and private keys > for the account. The public keys are already there on the machine I > want to log on to. > But the problem is the remote machine is not accepting my private keys > as they were generated on a different machine.
> Say keys were generated on saturn and public keys copied to venus. My > mars machine has the private keys but venus won't accept it as it has > public keys generated on saturn. Is there any way I can login on venus > with the keys > I have got? mdmbuild does not have a password. The only way to login > is with the keys.
When you run ssh-keygen, it creates both a public and private key. You have to use the private key that was made at the same time as the public key, because key generation incorporates random data. Every time you run ssh-keygen you'll get different keys, even if you enter the same passphrase, and you can't mix and match them.
-- Barry Margolin, bar...@alum.mit.edu Arlington, MA *** PLEASE post questions in newsgroups, not directly to me *** *** PLEASE don't copy me on replies, I'll read them in the group ***
> In article > <368235fa-2308-4f60-907b-4927d3560...@u12g2000prd.googlegroups.com>,
> rahul <rahulsin...@gmail.com> wrote: > > I have an account called mdmbuild on my machine that does not have a > > password. It's a headless account. I have ssh public and private keys > > for the account. The public keys are already there on the machine I > > want to log on to. > > But the problem is the remote machine is not accepting my private keys > > as they were generated on a different machine.
> > Say keys were generated on saturn and public keys copied to venus. My > > mars machine has the private keys but venus won't accept it as it has > > public keys generated on saturn. Is there any way I can login on venus > > with the keys > > I have got? mdmbuild does not have a password. The only way to login > > is with the keys.
> When you run ssh-keygen, it creates both a public and private key. You > have to use the private key that was made at the same time as the public > key, because key generation incorporates random data. Every time you > run ssh-keygen you'll get different keys, even if you enter the same > passphrase, and you can't mix and match them.
> -- > Barry Margolin, bar...@alum.mit.edu > Arlington, MA > *** PLEASE post questions in newsgroups, not directly to me *** > *** PLEASE don't copy me on replies, I'll read them in the group ***
Thanks Barry, But I have got the matching private keys corresponding to public keys on the server. But as the keys were not generated on my host, server is not taking the keys. For the headless accounts, we have public keys on servers and private key is given to us for access.
> On May 16, 7:36 am, Barry Margolin <bar...@alum.mit.edu> wrote:
> > In article > > <368235fa-2308-4f60-907b-4927d3560...@u12g2000prd.googlegroups.com>,
> > rahul <rahulsin...@gmail.com> wrote: > > > I have an account called mdmbuild on my machine that does not have a > > > password. It's a headless account. I have ssh public and private keys > > > for the account. The public keys are already there on the machine I > > > want to log on to. > > > But the problem is the remote machine is not accepting my private keys > > > as they were generated on a different machine.
> > > Say keys were generated on saturn and public keys copied to venus. My > > > mars machine has the private keys but venus won't accept it as it has > > > public keys generated on saturn. Is there any way I can login on venus > > > with the keys > > > I have got? mdmbuild does not have a password. The only way to login > > > is with the keys.
> > When you run ssh-keygen, it creates both a public and private key. You > > have to use the private key that was made at the same time as the public > > key, because key generation incorporates random data. Every time you > > run ssh-keygen you'll get different keys, even if you enter the same > > passphrase, and you can't mix and match them.
> > -- > > Barry Margolin, bar...@alum.mit.edu > > Arlington, MA > > *** PLEASE post questions in newsgroups, not directly to me *** > > *** PLEASE don't copy me on replies, I'll read them in the group ***
> Thanks Barry, > But I have got the matching private keys corresponding to public keys > on the server. But as the keys were not generated on my > host, server is not taking the keys. For the headless accounts, we > have public keys on servers and private key is given to > us for access.
I found the problem. The host names are limited to the from= specified in the authorized_keys file. So, only the host in the from= field can have the key authentication for the copied public key. Otherwise, it falls back to password authentication. In my case, the account has no password. I got my machine name appended to the from field.
