Question : ssh / sftp without password prompt

This is driving me crazy. I have set this up on other servers in the past with no issues, however these two new servers I'm attempting to set up to use no password for ssh & sftp doesn't work no matter what I do. Here are the details (logged in as "oracle"):

1.  I use "ssh-keygen -t rsa" to generate id_rsa & id_rsa.pub on the server I want to sftp/ssh from.
2.  I copy the id_rsa.pub to the server I want to sftp/ssh to and put in the $HOME/.ssh directory as "authorized_keys".
3. I chmod 644 authorized_keys.
4. From the server that I did the ssh-keygen on, I attempt to ssh or sftp to the server I just created the authorized_keys on, it prompts me for a password.

Again I have done this same procedure on other servers and it works fine. I have compared the /etc/ssh/sshd_config with other servers and they appear to be the same (see Code).

Any clues or help with this would be greatly appreciated.
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
66:
67:
68:
69:
70:
71:
72:
73:
74:
75:
76:
77:
78:
79:
80:
81:
82:
83:
84:
85:
86:
87:
88:
89:
90:
91:
92:
93:
94:
95:
96:
97:
98:
99:
100:
101:
102:
103:
104:
105:
106:
107:
108:
109:
110:
111:
112:
113:
114:
115:
116:
117:
118:
119:
120:
121:
122:
123:
124:
125:
126:
127:
128:
129:
130:
131:
132:
133:
134:
135:
136:
137:
138:
139:
140:
141:
142:
143:
144:
145:
146:
147:
148:
149:
150:
151:
152:
153:
154:
155:
156:
157:
158:
159:
160:
161:
162:
163:
164:
165:
166:
167:
168:
169:
170:
171:
172:
173:
174:
175:
176:
177:
178:
179:
180:
181:
182:
183:
184:
185:
186:
187:
188:
189:
190:
191:
192:
193:
194:
195:
196:
197:
198:
199:
200:
201:
202:
203:
204:
205:
206:
207:
208:
209:
210:
211:
212:
213:
214:
215:
216:
217:
218:
219:
220:
221:
222:
223:
224:
225:
226:
227:
228:
229:
230:
231:
232:
233:
234:
235:
236:
237:
238:
239:
240:
241:
242:
243:
244:
245:
246:
247:
248:
249:
250:
251:
252:
253:
254:
255:
256:
257:
258:
259:
260:
261:
262:
263:
264:
265:
266:
267:
268:
269:
270:
271:
272:
273:
274:
275:
276:
277:
278:
279:
280:
281:
282:
283:
284:
285:
286:
287:
288:
289:
290:
291:
292:
293:
294:
295:
296:
297:
298:
299:
300:
301:
302:
303:
304:
305:
306:
307:
308:
309:
310:
311:
312:
313:
314:
315:
316:
317:
318:
319:
320:
321:
322:
323:
324:
325:
326:
327:
328:
329:
330:
331:
332:
333:
334:
335:
336:
337:
338:
339:
340:
341:
342:
343:
344:
345:
346:
347:
348:
349:
350:
351:
352:
353:
354:
355:
356:
357:
358:
359:
360:
361:
362:
363:
364:
365:
366:
367:
368:
369:
370:
371:
372:
373:
374:
375:
376:
377:
378:
379:
380:
381:
382:
383:
384:
385:
386:
387:
388:
389:
390:
391:
392:
393:
394:
395:
396:
397:
398:
399:
400:
401:
402:
403:
404:
405:
406:
407:
408:
409:
410:
411:
412:
413:
414:
415:
416:
417:
418:
419:
420:
421:
422:
423:
424:
425:
426:
427:
428:
429:
430:
431:
432:
433:
434:
435:
436:
437:
438:
439:
440:
441:
442:
443:
444:
445:
446:
447:
448:
449:
450:
451:
452:
453:
454:
455:
456:
457:
458:
459:
460:
461:
462:
463:
464:
465:
466:
467:
468:
469:
470:
471:
472:
473:
474:
475:
476:
477:
478:
479:
480:
481:
482:
483:
484:
485:
486:
487:
488:
489:
490:
491:
492:
493:
494:
495:
496:
497:
498:
499:
500:
501:
502:
503:
504:
505:
506:
507:
508:
509:
510:
511:
512:
513:
514:
515:
516:
517:
518:
519:
520:
521:
522:
523:
524:
525:
526:
527:
528:
529:
530:
531:
532:
533:
534:
535:
536:
537:
#       $OpenBSD: sshd_config,v 1.59 2002/09/25 11:17:16 markus Exp $

 

# This is the sshd server system-wide configuration file.  See

# sshd_config(5) for more information.

 

# This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin

 

# The strategy used for options in the default sshd_config shipped with

# OpenSSH is to specify options with their default value where

# possible, but leave them commented.  Uncommented options change a

# default value.

 

Port 22

Protocol 2

#ListenAddress 0.0.0.0

#ListenAddress ::

 

# HostKey for protocol version 1

#HostKey /etc/ssh/ssh_host_key

# HostKeys for protocol version 2

#HostKey /etc/ssh/ssh_host_rsa_key

HostKey /etc/ssh/ssh_host_dsa_key

 

# Lifetime and size of ephemeral version 1 server key

#KeyRegenerationInterval 3600

#ServerKeyBits 768

 

# Logging

#obsoletes QuietMode and FascistLogging

SyslogFacility AUTH

#SyslogFacility AUTHPRIV

LogLevel INFO

 

# Authentication:

 

LoginGraceTime 60 

PermitRootLogin no

StrictModes yes

 

RSAAuthentication yes

PubkeyAuthentication yes

#AuthorizedKeysFile     .ssh/authorized_keys

 

# rhosts authentication should not be used

RhostsAuthentication no

# Don't read the user's ~/.rhosts and ~/.shosts files

IgnoreRhosts yes

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts

RhostsRSAAuthentication no

# similar for protocol version 2

HostbasedAuthentication no 

# Change to yes if you don't trust ~/.ssh/known_hosts for

# RhostsRSAAuthentication and HostbasedAuthentication

IgnoreUserKnownHosts yes

 

# To disable tunneled clear text passwords, change to no here!

PasswordAuthentication yes

PermitEmptyPasswords no

 

# Change to no to disable s/key passwords

ChallengeResponseAuthentication no 

 

# Kerberos options

#KerberosAuthentication no

#KerberosOrLocalPasswd yes

#KerberosTicketCleanup yes

 

#AFSTokenPassing no

 

# Kerberos TGT Passing only works with the AFS kaserver

#KerberosTgtPassing no

 

# Set this to 'yes' to enable PAM keyboard-interactive authentication 

# Warning: enabling this may bypass the setting of 'PasswordAuthentication'

#PAMAuthenticationViaKbdInt no

# The following allows ulimit to be set using /etc/security/ulimit.conf

#UsePAM yes

 

#X11Forwarding no

X11Forwarding yes

#X11DisplayOffset 10

#X11UseLocalhost yes

PrintMotd yes

PrintLastLog yes

KeepAlive yes

#UseLogin no

UsePrivilegeSeparation no 

#PermitUserEnvironment no

#Compression yes

 

MaxStartups 100

# no default banner path

#Banner /etc/issue.net

Banner /etc/issue

#VerifyReverseMapping no

 

# override default of no subsystems

Subsystem       sftp    /usr/libexec/openssh/sftp-server

#

# items below added per security baseline

#

# do not turn off Tcp Forwarding

AllowTcpForwarding yes

  

# Deny group of account

DenyGroups nossh

  

# Deny users

DenyUsers adm

DenyUsers bin

DenyUsers daemon

DenyUsers ftp

DenyUsers games

DenyUsers gopher

DenyUsers halt

DenyUsers ident

DenyUsers lp

DenyUsers mail

DenyUsers mailnull

DenyUsers news

DenyUsers nfsnobody

DenyUsers nobody

DenyUsers nscd

DenyUsers operator

DenyUsers radvd

DenyUsers rpc

DenyUsers rpcuser

DenyUsers rpm

DenyUsers shutdown

DenyUsers sync

DenyUsers uucp

DenyUsers xfs

DenyUsers sshd

 

root@emghlp201:/etc/ssh #

 

From emghlp048…

root@emghlp048:/etc/ssh # cat sshd_config

#       $OpenBSD: sshd_config,v 1.59 2002/09/25 11:17:16 markus Exp $

 

# This is the sshd server system-wide configuration file.  See

# sshd_config(5) for more information.

 

# This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin

 

# The strategy used for options in the default sshd_config shipped with

# OpenSSH is to specify options with their default value where

# possible, but leave them commented.  Uncommented options change a

# default value.

 

Port 22

Protocol 2

#ListenAddress 0.0.0.0

#ListenAddress ::

 

# HostKey for protocol version 1

#HostKey /etc/ssh/ssh_host_key

# HostKeys for protocol version 2

#HostKey /etc/ssh/ssh_host_rsa_key

HostKey /etc/ssh/ssh_host_dsa_key

 

# Lifetime and size of ephemeral version 1 server key

#KeyRegenerationInterval 3600

#ServerKeyBits 768

 

# Logging

#obsoletes QuietMode and FascistLogging

SyslogFacility AUTH

#SyslogFacility AUTHPRIV

LogLevel INFO

 

# Authentication:

 

LoginGraceTime 60 

PermitRootLogin no

StrictModes yes

 

RSAAuthentication yes

PubkeyAuthentication yes

#AuthorizedKeysFile     .ssh/authorized_keys

 

# rhosts authentication should not be used

RhostsAuthentication no

# Don't read the user's ~/.rhosts and ~/.shosts files

IgnoreRhosts yes

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts

RhostsRSAAuthentication no

# similar for protocol version 2

HostbasedAuthentication no 

# Change to yes if you don't trust ~/.ssh/known_hosts for

# RhostsRSAAuthentication and HostbasedAuthentication

IgnoreUserKnownHosts yes

 

# To disable tunneled clear text passwords, change to no here!

PasswordAuthentication yes

PermitEmptyPasswords no

 

# Change to no to disable s/key passwords

ChallengeResponseAuthentication no 

 

# Kerberos options

#KerberosAuthentication no

#KerberosOrLocalPasswd yes

#KerberosTicketCleanup yes

 

#AFSTokenPassing no

 

# Kerberos TGT Passing only works with the AFS kaserver

#KerberosTgtPassing no

 

# Set this to 'yes' to enable PAM keyboard-interactive authentication 

# Warning: enabling this may bypass the setting of 'PasswordAuthentication'

#PAMAuthenticationViaKbdInt no

# The following allows ulimit to be set using /etc/security/ulimit.conf

#UsePAM yes

 

#X11Forwarding no

X11Forwarding yes

#X11DisplayOffset 10

#X11UseLocalhost yes

PrintMotd yes

PrintLastLog yes

KeepAlive yes

#UseLogin no

UsePrivilegeSeparation no 

#PermitUserEnvironment no

#Compression yes

 

MaxStartups 100

# no default banner path

#Banner /etc/issue.net

Banner /etc/issue

#VerifyReverseMapping no

 

# override default of no subsystems

Subsystem       sftp    /usr/libexec/openssh/sftp-server

#

# items below added per security baseline

#

# do not turn off Tcp Forwarding

AllowTcpForwarding yes

# Deny group of account

DenyGroups nossh

# Deny users

DenyUsers adm

DenyUsers bin

DenyUsers daemon

DenyUsers ftp

DenyUsers games

DenyUsers gopher

DenyUsers halt

DenyUsers ident

DenyUsers lp

DenyUsers mail

DenyUsers mailnull

DenyUsers news

DenyUsers nfsnobody

DenyUsers nobody

DenyUsers nscd

DenyUsers operator

DenyUsers radvd

DenyUsers rpc

DenyUsers rpcuser

DenyUsers rpm

DenyUsers shutdown

DenyUsers sync

DenyUsers uucp

DenyUsers xfs

DenyUsers sshd

Answer : ssh / sftp without password prompt

Hi nigelr99,

One trick to obtain a total of a calculated field in group footers and headers is to use “running sum”. Please try to duplicate your field with the expression, and set the property “running sum: yes” for the copy. Verify that it does indeed cumulate the amounts you want, and that it shows the correct total on the last header.

Say this new text box is called txtRunningSum, you can then add a new text box in the report footer with the expression

    = txtRunningSum

It will display the last available value from that text box. Once it works satisfactorily, you can hide the actual running sum.

Cheers!
(°v°)
Random Solutions  
 
programming4us programming4us