I had a very strange problem accessing an oldish patch (118844-26) of Solaris 10* from a PC running PuTTY. When I tried to access it via ssh, I got the following message
login as: gjl
Using keyboard-interactive authentication.
When I tried to enter the password, it failed even though the password was entered correctly. The fix I used was to setup 'loginless' or automatic login to SSH
- On the target (Solaris 10) machine, make a directory .ssh in your home directory
- In the .ssh directory create a file called authorized_keys
- From the PuTTY site, get a binary called puttygen.exe
- Run the puttygen program and hit the 'generate' button.
- Paste the public key that is displayed in the tool, into the ~/.ssh/authorized_keys file on the Solaris machine
- Save the private key on the PC by using the 'Save Private Key' button.
- In the PuTTY configuration, choose Connection->SSH->Auth, and select the file (the private key) that you saved in the step above
- Open the connection, and it should all work, and look like below
Using username "gjl".
Authenticating with public key "rsa-key-20060421"
Last login: Fri Apr 21 19:47:54 2006 from localhost
Sun Microsystems Inc. SunOS 5.10 Generic January 2005
The file permissions on the Solaris machine are important.
bash$ cd $HOME/.ssh
bash$ chmod 700 .
bash$ chmod 600 *
bash-3.00$ ls -la
drwx------ 2 gjl other 512 Apr 21 18:57 .ssh
bash-3.00$ ls -l .ssh
-rw------- 1 gjl other 448 Apr 21 19:29 authorized_keys
From another unix machine, e.g. Solaris or Linux, use the ssh-keygen program, and put the private key in the .ssh directory in the host that you are ssh'ing from. I followed the instructions here
$ cd $HOME
$ mkdir identity-test
$ cd identity-test
$ ssh-keygen -f id_rsa -t rsa
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in id_rsa.
Your public key has been saved in id_rsa.pub.
The key fingerprint is:
The file id_rsa needs to be put into the client .ssh directory with the name id_rsa.
The content of id_rsa.pub should be put in the file authorized_keys on the remote machine
It is actually possible to do all of the remote work in ssh
local$ ssh username@server 'mkdir .ssh'
password: (type password for username@server)
local$ scp ~/identity-test/id_rsa.pub username@server:.ssh/authorized_keys
password: (type password for username@server again)
Remember to set the correct permissions, as shown previously.
*running under VMware, but I don't think it's relevent.