ssh/scp auto-login/copy

[nolan.rumble]

Hi,

I'm looking to automatically upload some firewall logs from the firewall to a remote server for analysis. By automatic I mean I should not need to type a password every time the upload needs to take place.

Now I was thinking of doing this with public/private keys but I seem to be hitting a snag. I cannot for the life of me figure out why it is not working.

My understanding of public/private keys used for automatic ssh login/scp file copying is that you copy id_dsa.pub from your source host and append it to ~/.ssh/authorized_keys on the remote host and then when you want to use either ssh/scp, it shouldn't prompt you for a password. (Naturally all of this needs to be done from within expert mode.)

Would the above situation work?

Which public/private keys do I need to use? The ones which sit in /root/.ssh/ or the ones in /home/adminuser/.ssh? I have tried both keys and none work.

Would I break anything if I regenerated the public/private keys for root?

Here is some output from the ssh -vvv command and from what I can see the only bit which might cause problems is:
debug2: key_type_from_name: unknown key type '-----BEGIN'
...
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype

and/or perhaps this:
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /root/.ssh/id_dsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password


If anyone can shed some light on this issue for me I would be greatly appreciated!

Thanks
Nolan

[abusharif]

knock yourself out :)

http://fedoranews.org/dowen/sshkeys/

[nolan.rumble]

Thanks for the quick reply!

Could you perhaps also answer me this, by generating the new keys for the expert user, would I break any of the services which might require the "pregenerated keys" on the firewall?

Thanks
Nolan

[abusharif]

Quote:

Originally Posted by nolan.rumble

Thanks for the quick reply!

Could you perhaps also answer me this, by generating the new keys for the expert user, would I break any of the services which might require the "pregenerated keys" on the firewall?

Thanks
Nolan

afaik no services on default installation use predifined keys from sshd