Jump to content
  • 0
jeff82

Unable to get keychain (funtoo) to work with Centos 6

Question

I recently set up key based ssh authentication for my workstation to a test server (running Centos 6) I have.  The key based authentication works fine and I am able to log in just by entering a passphrase.  In a quest to allow login without entering anything at all (except for the first time in a given server reboot session), I downloaded and configured keychain on my server.  In this case it's on the root user but I plan on using it for other users and disabling root login completely (server is on a private network anyhow).

To my understanding, keychain allows you to access the server without entering a passphrase except the first time logging in between server reboots.  I am showing that after first using keychain, it prompted me for a passphrase then keychain itself prompted me for a passphrase then it logged me in.  On my second login (illustrated below), it still continues to ask me for my passphrase.

Second login:

login as: root
Authenticating with public key "imported-openssh-key"
Passphrase for key "imported-openssh-key":
Last login: Wed Apr  8 17:35:54 2020 from 8.8.8.1
 * keychain 2.8.0 ~ http://www.funtoo.org
 * Found existing ssh-agent: 4023
 * Known ssh key: /root/.ssh/id_rsa

root@server1 [~]#

 

If there a way to get this to not ask me for my passphrase or did I misconfigure anything?  I haven't changed anything in the sshd_config so far.

 

   Here's my .bash_profile and location of the key files:

    root@server1 [~]# cat .bash_profile
    # .bash_profile
    
    # Get the aliases and functions
    if [ -f ~/.bashrc ]; then
            . ~/.bashrc
    fi
    
    # User specific environment and startup programs
    
    PATH=$PATH:$HOME/bin
    
    export PATH
    
    eval `keychain --agents ssh --eval id_rsa`
    
    root@server1 [~]# find | grep id_rsa
    ./.ssh/id_rsa.pub
    ./.ssh/id_rsa
    root@server1 [~]#

 

I feel like i've tried everything at this point.  Please let me know if i need to provide some more details.  Thanks for the help!

Share this post


Link to post
Share on other sites

0 answers to this question

Recommended Posts

There have been no answers to this question yet

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...