At Sun, 6 Mar 2011 12:45:21 +0000, Chris G wrote:
While ssh logins to cheddar.halon.org.uk from terminal windows on my GUI desktop are passwordless
Have you logged in to your desktop environment since the host key change? Is it possible that some component of your desktop environment is caching some old key that still works? And that logging out and in again (to your DE) may stop SSH logins using your publickey from working?
logins from shell console terminals (i.e. CTRL/ALT/n ones) ask for my password at cheddar.halon.org.uk (N.B. they don't ask for the key to my passphrase, it's the cheddar.halon.org.uk password that is asked for). I'm sure these used to work.
For ssh, you can explicitly set the identity to use with -i. And you can test setting PasswordAuthentication to No using -o.
More to the point my rsync backup to cheddar.halon.org.uk that runs as a cron job has also stopped working, it's expecting a passwordless login to cheddar.halon.org.uk but like the ssh login from a console it's failing because cheddar.halon.org.uk is asking for a password.
Did this used to work using ssh-agent? The only way I've ever found to make my ssh-agent-dependent cron jobs work is to set SSH_AUTH_SOCK as part of the cron job, e.g.:
SSH_AUTH_SOCK="$(find /tmp/ssh*/ -type s -user richard -group richard -name 'agent*' | head -n 1)" cmd...
So both the above problems point at some sort of screw up with ssh_agent but it's complicated by the following:-
The file ~/.ssh/config contains:- Host cheddar.halon.org.uk IdentityFile ~/.ssh/np_id_rsa and ~/.ssh/np_id_rsa and ~/.ssh/np_id_rsa.pub haven't changed so why isn't it being used?
A last resort, of course, would be to generate a new ID.
Best, Richard