SUMMARY: SSH RSA Key Authentication on Solaris

From: Adam Ronthal <>
Date: Tue Apr 01 2003 - 13:31:48 EST
Many people responded, and as always, I am impressed with the quality and 
volume of responses from the list!

Kudos go to Crist Clark for pointing out a typo in my configuration.... I 
had added the public file to $HOME/.ssh/authorized_hosts instead of 

Shame on me for not double checking *everything*.... even the simple stuff 
you  know you can't screw up!

Other suggestions included checking the permissions on the .ssh directory 
and files therein (they were ok), running the sshd daemon in debug mode 
(gives more useful info than the client) and an interesting (though in this 
case not relevant) reference to key interoperability between Sun/OpenSSH 
and SSH.COM implementations 

Many thanks to the following for their responses:

John Julian
Len Rose
Ian Wallace
Ryan Bishop
Dan Lowe
Jesse Trucks
Ben Green
Darren Dunham
Crist Clark


------------  Original Question -------------

>Hi All...
>Been banging my head on this one for a while.... perhaps someone out there 
>can offer some advice.
>In the past, I've set up ssh key-based authentication using RSA keys with 
>empty passwords for restricted accounts and scriptable scp file 
>copies.  Last time I had to set this up, it was between a Solaris 8 box 
>with OpenSSH and an OpenBSD box.  The whole process took about 10 minutes 
>to get working.
>I have a situation here with Solaris 8 and Solaris 9 servers where I'm 
>trying to set up the same sort of thing.  I know that the stock ssh on Sol 
>9 doesn't support key-based auth, so I replaced it with OpenSSH 3.5p1 - 
>same version that is installed on my Solaris 8 box.
>I generate rsa keys:
>$ ssh-keygen -t rsa
>Copy the file to the target box and add the contents of the 
>file to the .ssh/authorized_hosts file.
>That *should* be sufficient, and yet, it doesn't work:
>debug1: authentications that can continue: 
>debug1: next auth method to try is publickey
>debug1: userauth_pubkey_agent: testing agent key 
>debug1: authentications that can continue: 
>debug1: try privkey: /export/home/catrep/.ssh/identity
>debug1: try privkey: /export/home/catrep/.ssh/id_rsa
>debug1: read PEM private key done: type RSA
>debug1: authentications that can continue: 
>debug1: try privkey: /export/home/catrep/.ssh/id_dsa
>debug1: next auth method to try is keyboard-interactive
>debug1: authentications that can continue: 
>debug1: next auth method to try is password
>The same behavior is evident when using ssh-agent first:
>$ eval `/usr/local/bin/ssh-agent`
>$ /usr/local/bin/ssh-add
>My sshd_config file contains:
>RSAAuthentication yes
>PubkeyAuthentication yes
>AuthorizedKeysFile      .ssh/authorized_keys
>Any ideas?
>Thanks in advance, will summarize to the list.
sunmanagers mailing list
Received on Tue Apr 1 13:34:36 2003

This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:43:08 EST