howto

Have you been trying for ages to install your SSH keys onto some remote host - something you've done a hundred times before - and are just getting nowhere? Here's how I fix that problem.

# cd /tmp
# wget -c "http://www.catb.org/~esr/ssh-installkeys/ssh-installkeys-1.4.tar.gz"
# tar zfx ssh-installkeys-1.4.tar.gz
# cd ssh-installkeys-1.4
# make all && make install
# rm /Users/username/.ssh/id_*
$ ssh-installkeys -d username@remotehost
$ ssh-installkeys username@remotehost

The next time you SSH there it MUST NOT ASK YOU FOR A PASSWORD. And if it doesn’t then you're done. :)

The following should be noted well about the above.

  • usually I make any box this is done on have a /usr/local/src directory in which I build anything from source
  • it's considered posh these days to use sudo and not do anything as root, but I give rocks for that
  • those last two steps are done as your normal user
  • if you aren't on a Mac then chances are your home directory is not found in /Users. Why don't you try /home?

This NEVER doesn't work for me. If it doesn't work for you then I would suggest getting onto the remote host and running SSHD in debug mode. It will tell you why things are failing.

So I'm not sure how, but I broke one of my Ubuntu virtual machines now, right at about the worst possible time for it to break. The symptoms were that while I could still log in to the machine as my user, and if I was root I could still "su" to that user, every time I was that user the user itself seemed to have no understanding of itself, while the system still did. That was a pretty hairy sentence, so let me explain by showing what I tried.

root@gw-pkl-01:~# su - charles
I have no name!@gw-pkl-01:~$

Now when you try SSH'ing anywhere or doing anything useful you are told to get lost.

I have no name!@gw-pkl-01:~$ ssh charles@anywhere.i.can.think.of -Cv
You don't exist, go away!
I have no name!@gw-pkl-01:~$

But I wonder whether the system knows who I am?

I have no name!@gw-pkl-01:~$ id
uid=1000 gid=1000(charles) groups=4(adm),20(dialout),24(cdrom),25(floppy),29(audio),30(dip),44(video),46(plugdev),107(fuse),109(lpadmin),115(admin),1000(charles),1001(wheel)
I have no name!@gw-pkl-01:~$ whoami
whoami: cannot find name for user ID 1000
I have no name!@gw-pkl-01:~$ echo $USER
charles
I have no name!@gw-pkl-01:~$

That almost all seemed correct, so what on earth could be going on? I tried adding new users to see if they were alright, and they also had the problem.

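The answer is that your /etc/passwd file is not readable by all users. The shell prompt, whoami and ssh all look up the name for the current UID in /etc/passwd, so a non-root user who cannot read that file gets no name back even though the UID and group memberships are intact. This was confirmed by comparing the broken machine with another one that I had deployed from the same template.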

root@dynamips-pkl-01:~# ls -la /etc/passwd
-rw-r--r-- 1 root root 2104 2008-07-17 00:12 /etc/passwd
root@dynamips-pkl-01:~#

root@gw-pkl-01:~# ls -la /etc/passwd
-rw------- 1 root root 2331 2008-08-12 13:49 /etc/passwd
root@gw-pkl-01:~#

Make it readable and everything works again.

root@gw-pkl-01:~# chmod +r /etc/passwd
root@gw-pkl-01:~# su - charles
charles@gw-pkl-01:~$ id
uid=1000(charles) gid=1000(charles) groups=4(adm),20(dialout),24(cdrom),25(floppy),29(audio),30(dip),44(video),46(plugdev),107(fuse),109(lpadmin),115(admin),1000(charles),1001(wheel)
charles@gw-pkl-01:~$ whoami
charles
charles@gw-pkl-01:~$ echo $USER
charles
charles@gw-pkl-01:~$

Thanks to this post which made that all easy to realise.
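The same diagnosis as a reusable check, as an added example that is not part of the original post: it reads the "other" read bit from ls -ld output and flags any account database file that ordinary users cannot read. The function names and the idea of passing /etc/group alongside /etc/passwd are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original post): audit files that every
# account must be able to read for UID-to-name lookups to work.

# Print the "other" read bit of a file's mode ('r' or '-').
# Parsed from ls -ld so it behaves the same on GNU and BSD userlands.
other_read_bit() {
    ls -ld "$1" 2>/dev/null | cut -c8
}

# Return 0 if the file exists and is world-readable, 1 otherwise.
check_world_readable() {
    target=$1
    if [ ! -e "$target" ]; then
        echo "MISSING  $target"
        return 1
    fi
    if [ "$(other_read_bit "$target")" = "r" ]; then
        echo "OK       $(ls -ld "$target")"
        return 0
    fi
    echo "BROKEN   $(ls -ld "$target")"
    echo "         fix as root: chmod +r $target"
    return 1
}

# Check every file given; the return value is the number of failures.
audit_nss_files() {
    failures=0
    for f in "$@"; do
        check_world_readable "$f" || failures=$((failures + 1))
    done
    return "$failures"
}

# True when the current UID maps back to a user name. Run this as the
# affected user: it fails in the "I have no name!" state shown above.
uid_resolves() {
    id -un >/dev/null 2>&1
}

# Run the audit when file names are passed on the command line,
# e.g.  sh audit.sh /etc/passwd /etc/group
if [ "$#" -gt 0 ]; then
    audit_nss_files "$@" || echo "$? file(s) need attention"
fi
```

Because the check reads mode bits rather than trying to open the file, it gives the same answer when run as root, which can always read /etc/passwd and so never sees the symptom directly.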