Search the Community

I recently set up key based ssh authentication for my workstation to a test server (running Centos 6) I have. The key based authentication works fine and I am able to log in just by entering a passphrase. In a quest to allow login without entering anything at all (except for the first time in a given server reboot session), I downloaded and configured keychain on my server. In this case it's on the root user but I plan on using it for other users and disabling root login completely (server is on a private network anyhow). To my understanding, keychain allows you to access the server without entering a passphrase except the first time logging in between server reboots. I am showing that after first using keychain, it prompted me for a passphrase then keychain itself prompted me for a passphrase then it logged me in. On my second login (illustrated below), it still continues to ask me for my passphrase. Second login: login as: root Authenticating with public key "imported-openssh-key" Passphrase for key "imported-openssh-key": Last login: Wed Apr 8 17:35:54 2020 from 8.8.8.1 * keychain 2.8.0 ~ http://www.funtoo.org * Found existing ssh-agent: 4023 * Known ssh key: /root/.ssh/id_rsa root@server1 [~]# If there a way to get this to not ask me for my passphrase or did I misconfigure anything? I haven't changed anything in the sshd_config so far. Here's my .bash_profile and location of the key files: root@server1 [~]# cat .bash_profile # .bash_profile # Get the aliases and functions if [ -f ~/.bashrc ]; then . ~/.bashrc fi # User specific environment and startup programs PATH=$PATH:$HOME/bin export PATH eval `keychain --agents ssh --eval id_rsa` root@server1 [~]# find | grep id_rsa ./.ssh/id_rsa.pub ./.ssh/id_rsa root@server1 [~]# I feel like i've tried everything at this point. Please let me know if i need to provide some more details. Thanks for the help!

I have set up keychain to use an id_rsa key. After latest world updates, I am asked for a passphrase repeatedly. I got the following files/entries: ~/.ssh: authorized_keys config id_rsa id_rsa.pub known_hosts .. /etc/ssh/sshd_config (perhaps irrelevant here, however, it is the same setup used in other system into which I ssh from the current one) PermitRootLogin no PubkeyAuthentication yes PasswordAuthentication no PermitEmptyPasswords no UsePAM no AllowTcpForwarding yes X11Forwarding yes AcceptEnv LANG LC_* ~/.gnupg: gpg-agent.conf no-grab default-cache-ttl 28800z default-cache-ttl-ssh 28800z max-cache-ttl 28800z max-cache-ttl-ssh 28800z gpg.conf # GnuPG config file created by KGpg use-agent default-key 9053534B693C4FB3 encrypt-to 9053534B693C4FB3 private-keys-v1.d (directory) pubring.gpg random_seed secring.gpg trustdb.gpg .. ~/.keychain/ .. tpx1c2g-sh tpx1c2g-sh-gpg ~/bash_profile # GPG #export GPG_TTY=`tty` export GNUPGHOME=~/.gnupg export GPGKEY=693C4FB3 eval `keychain --noask --eval --timeout 180 id_rsa` source ~/.keychain/$HOSTNAME-sh source ~/.keychain/$HOSTNAME-sh-gpg I have added the Key, again, via ssh-add to be sure it is used. I am still not sure why it stopped working, nor why it is not working now, even after checking that ssh-agent is (already) running. What else should I check?