ssh login and auth errors | Unix Linux Forums | UNIX for Dummies Questions & Answers

  Go Back    


UNIX for Dummies Questions & Answers If you're not sure where to post a UNIX or Linux question, post it here. All UNIX and Linux newbies welcome !!

ssh login and auth errors

UNIX for Dummies Questions & Answers


Tags
permission denied, rsa authentication, rsa keys, scp, ssh

Closed Thread    
 
Thread Tools Search this Thread Display Modes
    #1  
Old 08-14-2009
daytripper daytripper is offline
Registered User
 
Join Date: Aug 2009
Last Activity: 21 August 2009, 4:45 AM EDT
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
Question ssh login and auth errors

Hi folks, I'm having some rather odd trouble with ssh. It all started when I tried to create rsa public/private keys to login to a remote ssh account. The account is on a university server and the address redirects to several different machines so (following their wiki instructions...sigh) I executed this on my local (my os is Ubuntu "hardy" btw):

Code:
echo "StrictHostKeyChecking=no">>~/.ssh/config

Logged in and everything seemed fine. Logged out and (again following their advice) issued this command to create the rsa key pair:

Code:
ssh-keygen -t rsa

The id_rsa and id_rsa.pub were created and the next step was to send the key to the remote linux account:

Code:
scp ~/.ssh/id_rsa.pub remote.server.edu:

Something about this command didn't quite look right, however i ran it anyway, trusting their wisdom over mine. The gnome keyring popped up and prompted me for the passphrase to unlock my key. I entered it, then on the terminal I was prompted for my remote account password. Entered it...but, uh-oh, the "password:" prompt reappeared as if my password was wrong?! I know without a shadow of a doubt that I entered all the necessary passwords correctly.
So, now very curious (and confused and frustrated) I force quit the terminal, restarted it and tried to ssh to my remote account again:

Code:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@       WARNING: POSSIBLE DNS SPOOFING DETECTED!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
The RSA host key for <remote.server.edu> has changed,
and the key for the according IP address <0.0.0.0>
is unknown. This could either mean that
DNS SPOOFING is happening or the IP address for the host
and its host key have changed at the same time.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
<fingerprint>
Please contact your system administrator.
Add correct host key in /home/me/.ssh/known_hosts to get rid of this message.
Offending key in /home/me/.ssh/known_hosts:1
Password authentication is disabled to avoid man-in-the-middle attacks.
Keyboard-interactive authentication is disabled to avoid man-in-the-middle attacks.
Permission denied (publickey,password,hostbased).

My known_hosts file has 2 [1] entries by the way so this error message didn't really help me! I've tried removing both entries individually with no luck. I tried numerous things but to no avail. I found that wiping the contents of /.ssh would (usually) put me back to square one but even then, I can only login once through ssh. The second time I usually get a message similar to the above except with this at the end instead:

Code:
Permission denied (publickey,keyboard-interactive,hostbased).

I'm baffled! Is there a problem with my ssh configuation? ssh keys? am i using the wrong commands? Sometimes typing my (correct!) password won't even log me in so I'm thinking there might be a problem with the university's ssh configuration. (It's worth pointing out that I have no problem logging in through ftp) Any ideas?
Sponsored Links
    #2  
Old 08-14-2009
chompy chompy is offline
Registered User
 
Join Date: Aug 2009
Last Activity: 15 September 2010, 1:44 PM EDT
Location: pwd
Posts: 71
Thanks: 0
Thanked 0 Times in 0 Posts
What does your ssh command look like?
Sponsored Links
    #3  
Old 08-14-2009
Corona688 Corona688 is online now Forum Staff  
Mead Rotor
 
Join Date: Aug 2005
Last Activity: 26 November 2014, 12:06 PM EST
Location: Saskatchewan
Posts: 19,941
Thanks: 848
Thanked 3,419 Times in 3,204 Posts
Quote:
Originally Posted by daytripper View Post
My known_hosts file has 2 [1] entries by the way so this error message didn't really help me!
It has two first lines?
    #4  
Old 08-15-2009
daytripper daytripper is offline
Registered User
 
Join Date: Aug 2009
Last Activity: 21 August 2009, 4:45 AM EDT
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
Quote:
What does your ssh command look like?
The commands i used were the one's listed in my original post if that's what you mean.

Quote:
It has two first lines?
Well no, but i assumed the 1 that the error was referring to (aka "The offending key") was the entry in my known_hosts that started [1]...in my case there are two blocks, both starting with [1]. How do I know which one to remove? Or am I completely misinterpreting the way ssh works? Mind you, I don't have much experience with/understanding of ssh. So if anyone has more concise steps to creating an ssh key pair to do password-less login to my remote server, please enlighten me. Taking advice from my university's wiki could be the real problem! ...but really, they probably just didn't explain it clearly enough.
Sponsored Links
    #5  
Old 08-15-2009
System Shock's Avatar
System Shock System Shock is offline Forum Advisor  
Registered User
 
Join Date: May 2006
Last Activity: 4 May 2012, 3:37 PM EDT
Location: Tau Ceti V
Posts: 558
Thanks: 0
Thanked 7 Times in 6 Posts
You can remove both entries in known_hosts. They'll get re-populated when you connect to other servers.

There is an obvious error in the third command you typed. You need to put your pub key inside your home directory's ssh folder, and it needs to be in a specific file. If the school's server is using openSSH, you should add your key to ~/.ssh/authorized_keys . If the school's server is using a commercial ssh, then you may have to convert your pub key to their format.

Anyway, let's start from the top. You said that, if you remove all the contents from your .ssh folder, you can ssh to the schools server. So, go ahead and do that, and try to log in and log out the server a couple times just to make sure your login and password work. If you wiped everything off your .ssh directory, you should get a message asking you if you want to accept the server's public key, which should populate .ssh/known_hosts with one entry. While you are there, check to see if you have a .ssh directory inside your home directory, if you don't create one, give it 400 permissions

Code:
$ mkdir .ssh
$ chmod 400 .ssh

After you have established that you can ssh to the server and log in with your username and password, go ahead and create your key. The command below includes the -N flag. If you don't want to supply a passphrase every session, then -N "" will set your passphrase to nothing.

Code:
 ssh-keygen -t rsa -N ""

Now, you'll copy your id_rsa.pub to your home directory in the remote server. Again, assuming the school's server is using openSSH, you'll put your public key in authorized_keys.

Code:
scp ./ssh/id_rsa.pub remote.server.edu:~/.ssh/authorized_keys

Now you should be able to ssh from your computer to the server. If you can't, then we'll need to know the error you received, and take it from there.

About StrictHostKeyChecking=no :
What this does, basically it allows the connection to continue even if you get back the error you posted, that the server pub key and what's in your known_hosts file doesn't match. It is possible that the school server's administrators change the key frequently for whatever reason, and that is why they instruct to add that line to your ssh config. I have that entry in my lab servers, but I don't know that I want to use it in production.
Sponsored Links
    #6  
Old 08-17-2009
daytripper daytripper is offline
Registered User
 
Join Date: Aug 2009
Last Activity: 21 August 2009, 4:45 AM EDT
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
Now I'm not sure what's going on. I just now read your post, System, and tried to login after clearing my known hosts and everything else in /.ssh, and the server won't accept my password. I don't understand this at all, because I can still login through ftp without any problems. But for some reason logging in through ssh doesn't accept my password. Does this mean their server is having a problem?

Also when I ftp'd to my account I tried to mkdir .ssh but it said

Code:
550 Make directory operation failed.

Thanks for the help, but I seem to have hit a brick wall.

Last edited by daytripper; 08-17-2009 at 04:03 AM.. Reason: ...my own stupidity...
Sponsored Links
    #7  
Old 08-17-2009
Corona688 Corona688 is online now Forum Staff  
Mead Rotor
 
Join Date: Aug 2005
Last Activity: 26 November 2014, 12:06 PM EST
Location: Saskatchewan
Posts: 19,941
Thanks: 848
Thanked 3,419 Times in 3,204 Posts
It sounds like either the disk is out of space or you do not have write access to your own directories for some reason.
Sponsored Links
Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
Big log file: auth.log mjdousti UNIX for Advanced & Expert Users 2 02-25-2008 12:00 PM
Solaris 10 auth issue itsupplies UNIX for Advanced & Expert Users 4 09-08-2006 09:25 AM
Adapter Errors and Link Errors mcastill66 UNIX for Advanced & Expert Users 0 08-02-2005 07:11 PM
X-server errors at login? I want to just get rid of this! emplate HP-UX 6 05-04-2005 05:54 PM
Apache auth question loadc UNIX for Advanced & Expert Users 1 12-19-2002 03:05 PM



All times are GMT -4. The time now is 01:09 PM.