SSH asks password when invoke it in script

Question

I have one master and four slave computers. I generated rsa public/private key on master PC. Then I copied publickey (id_rsa.pub) to slave machines as authorized_keys.

It doesn't ask password when I invoke SSH like this on master PC's terminal:

ssh –o UserKnownHostsFile=/dev/null –o StrictHostKeyChecking=no hduser@slave1

I wrote this script to automatically login slave machines without asking password.

SERVER_LIST=`cat /home/hduser/slaves` # slave1, slave2 ...
USERNAME=hduser
for host in $SERVER_LIST; do 
ssh –t –o UserKnownHostsFile=/dev/null –o StrictHostKeyChecking=no -l ${USERNAME} ${host}; 
done

SSH is asking slaves passwords when I use this script. I'm getting this message when use SSH with -vv option:

-vv option

I changed permissions on master PC and slave PC.

sudo chmod 700 -R ~/.ssh
sudo chown hduser ~/.ssh

It still asking password. What am I missing? How can I fix it?

It can ask me slave1's password without hduser@. I thought same thing and added it to script but nothing change. — Eyüp Alemdar, Mar 21 '14 at 16:08
Try to use add -v or -vv flag to ssh in the two cases, and compare the output --- maybe you can spot the problem that way. — Rmano, Mar 21 '14 at 16:12
I mean, try ssh -v -o ... from terminal (when it works), save the verbose output. Do the same for the ssh in the script. Save it too. Normally this is sufficient to help you spot the problem, otherwise put the output in the question. — Rmano, Mar 21 '14 at 16:15
And also check that you have set the correct permissions, probably you need to have the same permissions for the key file and your script. — Registered User, Mar 21 '14 at 16:16
One more thing, use @ to reply to users, otherwise we won't be notified. — Registered User, Mar 21 '14 at 16:18
your ssh is trying to login to root user (it is reading the /root/.ssh/ directory --- retry with hduser@$host in the script. — Rmano, Mar 21 '14 at 18:07
Thk you @Rmano . It works after copied id_rsa and id_rsa.pub under /home/hduser/.ssh/ directory to /root/.ssh/ directory — Eyüp Alemdar, Mar 21 '14 at 18:18
So my first comment is the solution... you are still logging into the "slave" root account, not hduser, because you are calling the script from root (maybe with sudo?) — Rmano, Mar 21 '14 at 18:20

score 0 · Accepted Answer · answered Mar 21 '14 at 18:20

Try to use the -i argument. From the man:

-i identity_file
         Selects a file from which the identity (private key) for RSA or
         DSA authentication is read.  The default is ~/.ssh/identity for
         protocol version 1, and ~/.ssh/id_rsa and ~/.ssh/id_dsa for pro-
         tocol version 2.  Identity files may also be specified on a per-
         host basis in the configuration file.  It is possible to have
         multiple -i options (and multiple identities specified in config-
         uration files).

Then you can specify the key to use for each host.

-i option works too. I pointed hduser ssh directory and it works without copying private key to root ssh directory. I changed this line: ssh –t –o UserKnownHostsFile=/dev/null –o StrictHostKeyChecking=no -i "/home/hduser/id_rsa" -l ${USERNAME} ${host}; — Eyüp Alemdar, Mar 21 '14 at 18:51

score 0 · Answer 2 · answered Mar 21 '14 at 18:32

The script somehow looks to root directory to send private key. It works after copied id_rsa and id_rsa.pub under /home/hduser/.ssh/ directory to /root/.ssh/ directory.

sudo cp -av /home/hduser/.ssh/id_rsa /root/.ssh/
sudo cp -av /home/hduser/.ssh/id_rsa.pub /root/.ssh/

SSH asks password when invoke it in script

2 Answers2