

  • Setting Up Passwordless SSH Under CentOS 6 Running SELinux
    08/22/2013 8:52PM

    I am setting up a cluster of KVM virtual machines and want to be able to ssh to them as the root user on the vm without having to enter a password.

    The first thing that I did was create keys on the box from which I was going to make connections (A):

    [rchapin@A .ssh]$ ssh-keygen
    Generating public/private rsa key pair.
    Enter file in which to save the key (/usr/local2/home/rchapin/.ssh/id_rsa):
    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:
    Your identification has been saved in /usr/local2/home/rchapin/.ssh/id_rsa.
    Your public key has been saved in /usr/local2/home/rchapin/.ssh/id_rsa.pub.
    The key fingerprint is:
    6a:ca:57:31:23:30:67:8c:9d:de:78:53:14:90:16:6e rchapin@A
    The key's randomart image is:
    +--[ RSA 2048]----+
    |     + .o=o.     |
    |    + *.o .      |
    |     * +E.       |
    |      +.B        |
    |       oS=       |
    |       ..        |
    |      o.         |
    |   . o.          |
    |    o.           |
    +-----------------+

    After which I scp'd the id_rsa.pub file to the remote box:

    [rchapin@A ~]$ scp .ssh/id_rsa.pub root@B:/root/

    Then ssh to the remote box, create the ~/.ssh directory, copy the contents of the id_rsa.pub file into ~/.ssh/authorized_keys and set the permissions on all of the files.

    [root@B ~]# mkdir .ssh
    [root@B ~]# chmod 700 .ssh
    [root@B ~]# cat ~/id_rsa.pub > .ssh/authorized_keys
    [root@B ~]# chmod 600 .ssh/authorized_keys

    The first problem was that it wasn't accepting the key and was giving me the password prompt.

    After a quick search regarding passwordless ssh and SELinux I did the following:

    [root@B .ssh]# restorecon -R -v /root/.ssh/
    restorecon reset /root/.ssh context unconfined_u:object_r:admin_home_t:s0->unconfined_u:object_r:ssh_home_t:s0
    restorecon reset /root/.ssh/authorized_keys2 context unconfined_u:object_r:admin_home_t:s0->unconfined_u:object_r:ssh_home_t:s0

    Now I received the error:

    [rchapin@A .ssh]$ ssh root@B
    Agent admitted failure to sign using the key.

    Another quick search and all I had to do was add the key on the A box and I was all set:

    [rchapin@A .ssh]$ ssh-add
    [rchapin@A .ssh]$ ssh root@B
    Last login: Thu Aug 22 20:40:54 2013 from A
    [root@B ~]#
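
Added example (not part of the original post): a server-side audit for the first failure above, where sshd ignores the key and falls back to the password prompt. The function names are hypothetical and GNU `stat` is assumed; the context check looks for the `ssh_home_t` type shown in the `restorecon` output.

```bash
#!/bin/bash
# Added example: server-side audit of an ~/.ssh directory (names are hypothetical).

# check_modes DIR: fail if DIR or DIR/authorized_keys is missing or is
# group/other writable, which sshd's StrictModes refuses.
check_modes() {
    local dir=$1 rc=0 p mode
    for p in "$dir" "$dir/authorized_keys"; do
        if [ ! -e "$p" ]; then
            echo "MISSING     $p"; rc=1; continue
        fi
        mode=$(stat -c '%a' "$p")               # GNU stat, octal mode e.g. 700
        if [ $(( 0$mode & 022 )) -ne 0 ]; then
            echo "BAD MODE    $p ($mode is group/other writable)"; rc=1
        fi
    done
    return $rc
}

# check_context DIR: on an SELinux-enabled host, fail unless both paths carry
# the ssh_home_t type that restorecon assigned in the post.
check_context() {
    local dir=$1 rc=0 p ctx
    if ! command -v selinuxenabled >/dev/null 2>&1 || ! selinuxenabled; then
        echo "SELinux not enabled, context check skipped"; return 0
    fi
    for p in "$dir" "$dir/authorized_keys"; do
        ctx=$(stat -c '%C' "$p" 2>/dev/null) || ctx=unknown
        case $ctx in
            *:ssh_home_t:*) ;;
            *) echo "BAD CONTEXT $p ($ctx), run: restorecon -R -v $dir"; rc=1 ;;
        esac
    done
    return $rc
}

# audit_ssh_dir DIR: run both checks, return non-zero if either fails.
audit_ssh_dir() {
    local rc=0
    check_modes "$1" || rc=1
    check_context "$1" || rc=1
    return $rc
}

# Run only when a directory is passed, e.g.: ./audit.sh /root/.ssh
if [ "$#" -gt 0 ]; then audit_ssh_dir "$1"; fi
```

A key file written to the wrong directory, as can happen when the `cat` is run from `~` instead of `~/.ssh`, shows up here as `MISSING`.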
