Try deleting the /etc/ssh_known_hosts file and re-run the cron job that creates this file. Check that the file is created and that the machine name is in this file. Also check that the machine name is in the /etc/shosts.equiv file. I have also added what is in the configuration guide.
cat <<EOF > /etc/ssh/ssh_config
Host *
Protocol 2,1
RhostsAuthentication yes
RhostsRSAAuthentication yes
RSAAuthentication yes
PasswordAuthentication yes
EnableSSHKeysign yes
HostbasedAuthentication yes
EOF
cat <<EOF >> /etc/ssh/sshd_config
HostbasedAuthentication yes
IgnoreUserKnownHosts yes
IgnoreRhosts yes
EOF
Laurence
-----Original Message-----
From: LHC Computer Grid - Rollout on behalf of Ben Waugh
Sent: Wed 01/12/2004 20:48
To: [log in to unmask]
Cc:
Subject: [LCG-ROLLOUT] SSH configuration (fwd)
Sending this to a wider audience in the hope that someone can help me get
this sorted out so UCL-HEP can come back online...
---------- Forwarded message ----------
Date: Wed, 1 Dec 2004 18:10:11 +0000 (GMT)
From: Ben Waugh <[log in to unmask]>
To: Testbed Support for GridPP <[log in to unmask]>
Subject: SSH configuration
Hello,
I am having difficulty getting password-free SSH to work between machines,
or even between once machine and itself. The following occurs when trying
to ssh from pc90.hep.ucl.ac.uk (my new CE) to itself:-
Added to /etc/ssh/ssh_config:
Host *
HostbasedAuthentication yes
Added to /etc/ssh/sshd_config:
HostbasedAuthentication yes
IgnoreUserKnownHosts yes
IgnoreRhosts yes
Now, as a pool account user, I try:
[atlas024@pc90 atlas024]$ ssh pc90.hep.ucl.ac.uk
ssh-keysign not enabled in /etc/ssh/ssh_config
ssh_keysign: no reply
key_sign failed
[log in to unmask] password:
I don't know what is going on here, but a bit of Googling leads me to add
the line
EnableSSHKeysign yes
to ssh_config, which gets rid of the ssh-keysign errors, but I still get
prompted for a password.
Any ideas what I am doing wrong?
Ben
--
Dr Ben Waugh Tel. +44 (0)20 7679 3783
Dept of Physics and Astronomy Internal: 33783
University College London
London WC1E 6BT
|