The Computer Oracle

public key always asking for password and keyphrase

--------------------------------------------------
Rise to the top 3% as a developer or hire one of them at Toptal: https://topt.al/25cXVn
--------------------------------------------------

Music by Eric Matyas
https://www.soundimage.org
Track title: Riding Sky Waves v001

--

Chapters
00:00 Public Key Always Asking For Password And Keyphrase
00:49 Accepted Answer Score 25
01:34 Answer 2 Score 2
02:57 Answer 3 Score 2
03:26 Answer 4 Score 1
03:45 Thank you

--

Full question
https://superuser.com/questions/508408/p...

--

Content licensed under CC BY-SA
https://meta.stackexchange.com/help/lice...

--

Tags
#passwords #publickey #passphrase

#avk47


ACCEPTED ANSWER

Score 25


Thats because your private key is encrypted...

You can add your key to an ssh agent using ssh-add or remove the passphrase (and with it the encryption) from the key using the following command:

ssh-keygen -p -f /root/.ssh/id_dsa -N ''

EDIT

Oh I just realized that you try to use your public key to authenticate... You want to use the private key there:

ssh -v -i /root/.ssh/id_dsa backup@webserver.com

And just to make absolutely sure, the content of the file id_dsa.pub goes into ~backup/.ssh/authorized_keys on the webserver. You can use the following command to do that automatically

ssh-copy-id -i /root/.ssh/id_rsa.pub backup@webserver.com


ANSWER 2

Score 2


There are a few things.

Primarily, if the KEY is asking for a password, the key was generated with it. Secondly, if the system is prompting for a password after, then the key is not authenticating. Meaning, you will need to regenerate your SSH key (or change it as suggested by @rbtux) and fix the authorized_keys files.

ssh-keygen -t {dsa|rsa} -b {1024|2048|4096} -C "optional comment" -f id_examplekey

The items in curly brackets are options, type and bit size (To state the obvious: dsa > rsa, 4096 > 1024 - in terms of "security").

Then you need to add the public key (.pub) to the authorized_keys and authorized_keys2 files (it's a common misconception to say the .pub is for local use, however it is intended to be compared against) So in the server's .ssh folder.

$ cat id_examplekey.pub >> authorized_keys{,2}

Then on your end, you should make sure the key permissions are chmod 600 id_example and to alleviate typing all that, you can set up the config file: ~/.ssh/config on your local box (that is a skeleton, you can customize this a ton):

Host example.com
    User WHATEVERNAME
    IdentityFile ~/.ssh/id_examplekey


ANSWER 3

Score 2


For me since the key itself was encrypted, I followed the following steps:

  • Start ssh-agent: $ ssh-agent bash
  • Add standard identity key to the key manager: $ ssh-add
  • If you want to add a different key, then: $ ssh-add /location/of/key

To inspect at any time, the list of currently loaded keys:

$ ssh-add -l

More details can be obtained from this link



ANSWER 4

Score 1


try https://wiki.gentoo.org/wiki/Keychain

It is kind of a wrap on ssh-agent and ssh-add

Pros: No need to input the password repeatedly as long as you don't reboot. Could be used in crontab.

It might be help.