SSH Passwordless Login Fails
by dervish on Oct.24, 2012, under Red Hat
After verifying file permissions, still unable to login without entering passsord. Found issue where SELINUX was keeping the SSH service from reading the authorized_keys file. Issue encountered on a Red Hat 6 server.
Fix:
$ restorecon -R -v /home/user/.ssh
restorecon reset /home/user/.ssh context unconfined_u:object_r:home_root_t:s0->unconfined_u:object_r:ssh_home_t:s0
restorecon reset /home/user/.ssh/known_hosts context unconfined_u:object_r:home_root_t:s0->unconfined_u:object_r:ssh_home_t:s0
restorecon reset /home/user/.ssh/id_dsa context unconfined_u:object_r:home_root_t:s0->unconfined_u:object_r:ssh_home_t:s0
restorecon reset /home/user/.ssh/id_dsa.pub context unconfined_u:object_r:home_root_t:s0->unconfined_u:object_r:ssh_home_t:s0
restorecon reset /home/user/.ssh/authorized_keys context unconfined_u:object_r:home_root_t:s0->unconfined_u:object_r:ssh_home_t:s0
Passwordless login now works:
$ ssh gilis28.fls
Last login: Wed Oct 3 14:07:00 2012 from 10.255.2.204
[user@GILIS28 ~]$
Enable Backspace Delete on HP-UX
by dervish on Oct.17, 2012, under HP-UX
stty erase [hit backspace key][enter]
$ uname
HP-UX
$ stty erase ^?
$
If you don’t want to remap the backspace, then just use ^h (control-h).
GPG Key Trust
by dervish on Sep.17, 2012, under Linux
When importing a public key onto another machine, you may have configure gpg to
trust the key. Otherwise, when you use the key to do encryption, you may
see a prompt like this:
It is NOT certain that the key belongs to the person named
in the user ID. If you *really* know what you are doing,
you may answer the next question with yes.
Use this key anyway? (y/N)
To trust the key, run:
gpg --edit-key NAME
GPG will output some information, and show a line like:
trust: undefined validity: unknown
You will be at a console, and you have to type "trust":
Command> trust
Please decide how far you trust this user to correctly verify other users' keys
(by looking at passports, checking fingerprints from different sources, etc.)
1 = I don't know or won't say
2 = I do NOT trust
3 = I trust marginally
4 = I trust fully
5 = I trust ultimately
m = back to the main menu
Your decision? 5
Do you really want to set this key to ultimate trust? (y/N) y
Type "quit" to quit. If you run gpg --edit-key NAME again, you will
see a line as below, which means the key is now trusted.
trust: ultimate validity: ultimate
Missing insserv
by dervish on Aug.20, 2012, under Linux, Ubuntu
# chkconfig saned off
/sbin/insserv: No such file or directory
# chkconfig webmin off
/sbin/insserv: No such file or directory
# ln -s /usr/lib/insserv/insserv /sbin/insserv
# chkconfig saned off
#
I <3 Ubuntu
error: Could not load ssh_host_ecdsa_key
by dervish on Aug.20, 2012, under Linux, Ubuntu
Error in log:
error: Could not load host key: /etc/ssh/ssh_host_ecdsa_key
Fix:
sudo ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ”
The ecdsa SSH key in not being generated by default.
