WHen I say "mine" I mean "from my Mac to IBM i 7.x"

On Wed, Aug 16, 2017 at 9:28 PM, Jack Woehr <jwoehr@xxxxxxxxxxxxxxxxxxxxxxxx
wrote:

Matt --

1. I interpret your remarks that you have checked permissions on BOTH
machines.
- E.g., your private key on the Mac again must be 600
2. Try a different type of key.

RSA works fine on mine. And just for good luck, you could do ls -laR .ssh
on both machines and post it here?

On Wed, Aug 16, 2017 at 6:19 PM, Matt Lavinder <
mlavinder@xxxxxxxxxxxxxxxxxxx> wrote:

Scott - Sorry, but I guess I have done this so many times I did not feel
the need to go into that much detail. I am at my wits end with this,
because I am NOT a newbie at this. I got SSH working years ago on V5R4
thanks to your articles. I definately created an RSA key. I added the
contents of rsa_id.pub on his Mac to the the authorized_keys file on the
IBM i.

Jack - I have checked, double checked and triple checked all the
permissions of the folders and files and I keep checking to make sure the
key isn’t on multiple lines.

Public key auth works my user profile and I use it all day, every day. I
have configured SSH clients and servers many times on various Linux
distros
and I have never had a problem on IBM i or elsewhere. Again, it works if
I
allow him to sign in with a password. It does NOT work if I add my Mac's
SSH to the authorized_keys on HIS profile, and that is the very key I am
using to help me troubleshoot.

This HAS to be some sort of profile authorities issue, but I am at a loss.

Like I said, I have checked all the permissions multiple times. I even
found a script to display the chmod numbers for the files and directories,
just to be sure. What I am getting is that I have checked all the right
things.

I am probably going to have to open a PMR with IBM. I would say I am
overlooking something dumb, but god help me, I have knack for stumbling on
to bizarre stuff. I was hoping for a simple answer.


On Wed, Aug 16, 2017 at 6:22 PM, Jack Woehr <
jwoehr@xxxxxxxxxxxxxxxxxxxxxxxx
wrote:

Also be sure that when you added the key to authorized_keys it was one
line
wrapping, not 2 or 3 lines broken.

On Wed, Aug 16, 2017 at 4:21 PM, Jack Woehr
<jwoehr@absolute-performance.c
om
wrote:

On the target machine:

- .ssh should be 700
- authorized_keys should 600


On Wed, Aug 16, 2017 at 4:12 PM, Scott Klement <
midrange-l@xxxxxxxxxxxxxxxx> wrote:

Not much information here. About all you've told us is "it doesn't
work"
and "from a Mac". But, I use a key generated on my Mac all day long
and
can log in via SSH without any problems.

Is it possible that you generated the wrong type of key?

Or that the authorities are wrong?



On 8/16/2017 4:59 PM, Matt Lavinder wrote:

We are trying to give a new employee access to the PASE/Bash command
shell
via Terminal. I have added his Mac’s RSA key to the authorized_keys
file,
but it still will not let them connect. It will let them connect
with
a
password, but that is not what we want.

For the life of me, I cannot figure out what is different between
the
way
they are configured and I am. This all works for me when using my
key
and
my profile. If I add my Mac's key to their authorized_keys file, it
will
not let me connect either (yes, I used their user name).

I have a lot more system authorities than the new employee does,
but I
can’t imagine why that would be the issue.

Is there a specific authority a user needs to be able to communicate
with
the SSHD?

Does anyone have any other ideas?

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L)
mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxx for any subscription related
questions.

Help support midrange.com by shopping at amazon.com with our
affiliate
link: http://amzn.to/2dEadiD




--
Absolute Performance, Inc.
12303 Airport Way, Suite 100
Broomfield, CO 80021

NON-DISCLOSURE NOTICE: This communication including any and all
attachments is for the intended recipient(s) only and may contain
confidential and privileged information. If you are not the intended
recipient of this communication, any disclosure, copying further
distribution or use of this communication is prohibited. If you
received
this communication in error, please contact the sender and
delete/destroy
all copies of this communication immediately.




--
Absolute Performance, Inc.
12303 Airport Way, Suite 100
Broomfield, CO 80021

NON-DISCLOSURE NOTICE: This communication including any and all
attachments is for the intended recipient(s) only and may contain
confidential and privileged information. If you are not the intended
recipient of this communication, any disclosure, copying further
distribution or use of this communication is prohibited. If you
received
this communication in error, please contact the sender and
delete/destroy
all copies of this communication immediately.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxx for any subscription related
questions.

Help support midrange.com by shopping at amazon.com with our affiliate
link: http://amzn.to/2dEadiD




--




*Matt Lavinder Programmer AnalystData Management Inc.Phone: (336)
573-5045Fax: (336) 573-5001*
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxx for any subscription related
questions.

Help support midrange.com by shopping at amazon.com with our affiliate
link: http://amzn.to/2dEadiD




--
Absolute Performance, Inc.
12303 Airport Way, Suite 100
Broomfield, CO 80021

NON-DISCLOSURE NOTICE: This communication including any and all
attachments is for the intended recipient(s) only and may contain
confidential and privileged information. If you are not the intended
recipient of this communication, any disclosure, copying further
distribution or use of this communication is prohibited. If you received
this communication in error, please contact the sender and delete/destroy
all copies of this communication immediately.





This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2019 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].