Unix/Linux Go Back    


Shell Programming and Scripting Unix shell scripting - KSH, CSH, SH, BASH, PERL, PHP, SED, AWK and shell scripts and shell scripting languages here.

ERROR : Permission denied (publickey,password,keyboard-interactive).

Shell Programming and Scripting


Closed Linux or Unix Question    
 
Thread Tools Search this Thread Display Modes
    #1  
Old Unix and Linux 07-03-2008
deepusunil deepusunil is offline
Registered User
 
Join Date: May 2008
Last Activity: 13 August 2008, 2:34 AM EDT
Posts: 8
Thanks: 0
Thanked 0 Times in 0 Posts
ERROR : Permission denied (publickey,password,keyboard-interactive).

Hello,
when I try to connect to a remote machine through SSH username@host I am getting the error message
Permission denied (publickey,password,keyboard-interactive).

Can any one tell me what is the problem. the key is added in the remote machines authorized_keys file.
Sponsored Links
    #2  
Old Unix and Linux 07-03-2008
mirusnet's Unix or Linux Image
mirusnet mirusnet is offline
Registered User
 
Join Date: Dec 2007
Last Activity: 18 June 2010, 4:33 AM EDT
Posts: 148
Thanks: 0
Thanked 0 Times in 0 Posts
Do you use ssh -i key?
Sponsored Links
    #3  
Old Unix and Linux 07-03-2008
deepusunil deepusunil is offline
Registered User
 
Join Date: May 2008
Last Activity: 13 August 2008, 2:34 AM EDT
Posts: 8
Thanks: 0
Thanked 0 Times in 0 Posts
No.
The steps i have followed are
1) generated the key with "ssh-keygen -b 2048 -t rsa" in the client machine
2)public key was added in the servers authorized_keys file.
3) tried to connect to the system with ssh user@host
4) then the system throws an error "Permission denied (publickey,keyboard-interactive)."

But with the same server i have setup another public private key pairing for another user say user1 couple of weeks back. which is working fine . So could you tell me what can be the reason with this user. ?
    #4  
Old Unix and Linux 07-03-2008
ch.siva ch.siva is offline
Registered User
 
Join Date: Jun 2008
Last Activity: 3 July 2008, 8:31 AM EDT
Posts: 6
Thanks: 0
Thanked 0 Times in 0 Posts
Hi
There will be some identify file exist in the remote system. u need to add user name in that file then only it's possible to connect.
Sponsored Links
    #5  
Old Unix and Linux 07-03-2008
deepusunil deepusunil is offline
Registered User
 
Join Date: May 2008
Last Activity: 13 August 2008, 2:34 AM EDT
Posts: 8
Thanks: 0
Thanked 0 Times in 0 Posts
is it in known_hosts file ?
Is the error is coming becuase the user is not recognized in the remote machine ?
Sponsored Links
    #6  
Old Unix and Linux 10-10-2008
benja benja is offline
Registered User
 
Join Date: Oct 2008
Last Activity: 21 October 2008, 7:35 AM EDT
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
same problem over here

I think my problem is identical to deepusunil. I have two computers node0 and node1 and I want to access node1 from node0. I have password-less public key access with root but for a second user it doesn't work.

I tried a lot of things already and I searched a lot on the internet, e.g. I followed the troubleshooting steps in Password-less logins with OpenSSH and https://help.ubuntu.com/community/Ad...roubleshooting. I am running out of ideas. I recreated and copied keys many times over using ssh-copy-id or manual paste/append to node1:~/.ssh/authorized_keys. Still I cannot login with the non-root user. I hope somebody can give me a hint.

For sure, I created and copied key files (for both root and other user) on node0 with:
[root|user]> ssh-keygen -t rsa
[root|user]> ssh-copy-id -i ~/.ssh/id_rsa.pub node1


I use the same configurations for root and user in node0:/etc/ssh/ssh_config (no config file in ~/.ssh) and (obviously the same) node1:/etc/sshd_config. For sure, I made files in ~user/.ssh/ and /root/.ssh to have same permissions.

On node1, I allowed reading for everybody: (just to make sure)
-rw-r--r-- 1 root root 1956 2008-08-29 19:29 ssh_config
-rw-r--r-- 1 root root 3667 2008-10-10 20:50 sshd_config

I'll append the verbose (debug with -vvv) output from ssh...

OpenSSH_5.0p1, OpenSSL 0.9.8g 19 Oct 2007
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to node1 [192.168.1.1] port 22.
debug1: Connection established.
debug1: identity file /home/user/.ssh/identity type -1
debug3: Not a RSA1 key file /home/user/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/user/.ssh/id_rsa type 1
debug1: identity file /home/user/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.0
debug1: match: OpenSSH_5.0 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.0
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes12
8-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 139/256
debug2: bits set: 524/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: filename /home/user/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug3: check_host_in_hostfile: filename /home/user/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug1: Host 'node1' is known and matches the RSA host key.
debug1: Found key in /home/user/.ssh/known_hosts:1
debug2: bits set: 504/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/user/.ssh/identity ((nil))
debug2: key: /home/user/.ssh/id_rsa (0x7f55af1dd4f0)
debug2: key: /home/user/.ssh/id_dsa ((nil))
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug3: start over, passed a different list publickey,gssapi-with-mic,password
debug3: preferred publickey
debug3: authmethod_lookup publickey
debug3: remaining preferred:
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/user/.ssh/identity
debug3: no such identity: /home/user/.ssh/identity
debug1: Offering public key: /home/user/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Trying private key: /home/user/.ssh/id_dsa
debug3: no such identity: /home/user/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey,gssapi-with-mic,password).

What does it mean "Not a RSA1 key file /home/user/.ssh/id_rsa?"

Last edited by benja; 10-12-2008 at 10:53 AM.. Reason: making more coherent
Sponsored Links
Closed Linux or Unix Question

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Unix or Linux Image More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
SSH Error - Permission denied (publickey,keyboard-interactive) nice_chapp AIX 4 08-17-2011 04:31 PM
Permission denied when changing root password after reset darkone_d1_2000 UNIX for Dummies Questions & Answers 0 06-25-2010 12:32 PM
SSH permission denied (publickey) VRoemer UNIX for Dummies Questions & Answers 2 03-31-2008 11:45 PM
permission denied error Anji Shell Programming and Scripting 2 01-08-2008 05:34 AM
rm Permission Denied error Cech2002 UNIX for Dummies Questions & Answers 7 06-26-2002 06:24 PM



All times are GMT -4. The time now is 02:35 PM.