Password no password for SSH over SSH
I am writing a script that needs to have restricted access to a server. I want to do this by going through another unix server that I have access to and also has access to another computer.
I can SSH on a second machine from home and not be prompted for a password since I generated an SSH key and used ssh-copy-id. When I'm physically on the second machine, I can SSH on the third in the same way, but you won't be prompted for a password.
However, when I SSH into the second, and then try to go to SSH into the third, I am prompted to pass the phase for the key and password for the third computer.
Why is this happening and how can I stop this prompt?
EDIT: For clarity, some points.
- I do not have root privileges on any machine. I am connecting to SSHing, only my machine is at home.
- I missed the one printed above (now corrected). While physically on the second machine, I can SSH on the third server.
Diagram
Machine A : Home machine, root access
| SSH (passwordless)
v
Machine B : Publicly accessible server, no root permissions
| SSH (passwordless while physically logged in,
| password prompted while at machine A SSHed into machine B)
v
Machine C : Only accessable on campus
(which B is and A is not), no root permissions
source to share
You mentioned that you can get into the second car from 1st and 1st to 2nd. So if there is a 3rd computer in the chain, you need to set up SSH keys on the 3rd machine, or get the public key from the 3rd computer you mention.
Another good tip is to manually start SSH with the verbose / debugging ( -v
) option so you can see exactly what is happening at each step.
-v Verbose mode. Causes ssh to print debugging messages about its
progress. This is helpful in debugging connection, authentica-
tion, and configuration problems. Multiple -v options increase
the verbosity. The maximum is 3.
It saved me a lot of headaches in the past by showing me exactly how the login process works and what exactly clogs it.
So, if some of your third computer is called machine3.local
, then your ssh command using verbose mode would be:
ssh -v machine3.local
EDIT: The original poster says he is being asked to enter a phrase for the key he generated for the third car. If so, then the problem. You don't have a passphrase for the SSH key if you want to access without a password.
ANOTHER CHANGE: Also, make sure they have permissions that match the following and belong to the account trying to access, as shown in this example:
-rw------- [username] [usergroup] authorized_keys
-rw------- [username] [usergroup] id_rsa
-rw-r--r-- [username] [usergroup] id_rsa.pub
-rw-r--r-- [username] [usergroup] known_hosts
source to share