When setting up automated SSH connections between servers, using public key authentication is the standard approach. The process involves generating a key pair (public and private) and placing the public key on the remote server you want to access.
Based on your system information (SunSSH 1.1), SSH keys are typically stored in:
/etc/ssh/ # System-wide configuration and host keys
~/.ssh/ # User-specific keysTo locate existing keys:
# List all SSH keys in user directory
ls -la ~/.ssh/
# Check for system keys
sudo ls -la /etc/ssh/If you already have a key pair (likely id_rsa and id_rsa.pub), you can export the public key with:
# Display public key content
cat ~/.ssh/id_rsa.pub
# Or copy to clipboard (Linux/Mac)
xclip -sel clip < ~/.ssh/id_rsa.pubIf no keys exist, generate a new pair:
ssh-keygen -t rsa -b 4096
# Follow prompts (press Enter for defaults)The standard method using ssh-copy-id:
ssh-copy-id -i ~/.ssh/id_rsa.pub user@remote_serverManual method if ssh-copy-id isn't available:
cat ~/.ssh/id_rsa.pub | ssh user@remote_server "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"For SunSSH specifically, check these configuration files:
# Main configuration
/etc/ssh/sshd_config
# Alternative locations
/etc/opt/ssh/sshd_config
/opt/ssh/etc/sshd_configKey configuration parameters to verify:
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keysIf authentication fails:
# Check permissions (critical!)
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
# Enable verbose SSH output
ssh -v user@remote_serverFor SunSSH-specific debugging:
/usr/sbin/sshd -d -p 2222 # Start debug mode on alternate portWhen working with SunSSH (common in Solaris environments), the default key locations are:
# System-wide keys (for SSH daemon)
/etc/ssh/ssh_host_rsa_key.pub
/etc/ssh/ssh_host_dsa_key.pub
# User-specific keys
~/.ssh/id_rsa.pub
~/.ssh/id_dsa.pub
First check what keys are available in your user directory:
bash-2.05# ls -la ~/.ssh/
total 16
drwx------ 2 user group 512 Jul 12 10:15 .
drwxr-xr-x 31 user group 1024 Jul 12 10:15 ..
-rw-r--r-- 1 user group 566 Jul 12 10:15 id_rsa.pub
-rw------- 1 user group 1675 Jul 12 10:15 id_rsa
To display your public key for transfer:
bash-2.05# cat ~/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA... user@hostname
If no key exists, generate a new pair:
bash-2.05# ssh-keygen -t rsa -b 2048
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/user/.ssh/id_rsa.
Your public key has been saved in /home/user/.ssh/id_rsa.pub.
Use ssh-copy-id if available, or manually append to authorized_keys:
bash-2.05# cat ~/.ssh/id_rsa.pub | ssh user@remote "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"
Test the connection after key transfer:
bash-2.05# ssh -v user@remote
...
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering public key: /home/user/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 277
...
For Solaris' SunSSH implementation, ensure proper permissions:
bash-2.05# chmod 700 ~/.ssh
bash-2.05# chmod 600 ~/.ssh/authorized_keys
If using older SunSSH versions, you might need to modify the sshd_config:
# Ensure these settings exist in /etc/ssh/sshd_config
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
If authentication fails, check these logs:
bash-2.05# tail -f /var/log/authlog
Common error messages and solutions:
# "Permission denied (publickey)"
- Verify the public key was correctly appended to authorized_keys
- Check file permissions (should be 600 for authorized_keys)
# "Agent admitted failure to sign using the key"
- Try ssh-add ~/.ssh/id_rsa to add the key to the agent