Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Unable to ssh using identity keys
Operating Systems Linux Unable to ssh using identity keys Post 302169364 by new2ss on Thursday 21st of February 2008 04:21:37 AM
Old 02-21-2008
Unable to ssh using identity keys
Hi all, i am trying to ssh into a remote server without password, i tried the command with the verbose command 'ssh -v -l user1 10.10.10.10'
Code:
OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, OpenSSL 0x0090701f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: Connecting to 10.10.10.10 [10.10.10.10] port 22.
debug1: Connection established.
debug1: identity file /home/user1/.ssh/identity type 0
debug1: identity file /home/user1/.ssh/id_rsa type 1
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.9p1
debug1: match: OpenSSH_3.9p1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.6.1p2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '10.10.10.10' is known and matches the RSA host key.
debug1: Found key in /home/user1/.ssh/known_hosts:33
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Next authentication method: publickey
debug1: Offering public key: /home/user1/.ssh/id_rsa
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Next authentication method: password

i have already copied the public key(id_dsa.pub) to both authorized_keys and authorized_keys2.what could be the problem?

On the remote server, i am seeing this error
Code:
Authentication refused: bad ownership or modes for directory /home/user1

Update:
Hi all, problem resolved. The home directory permission was set incorrectly.
Last edited by new2ss; 02-21-2008 at 06:36 AM..
 

6 More Discussions You Might Find Interesting

1. SCO

Unable to use funtion keys with Kea term

Hi I have a server SCO_SV mantrak 3.2 5.0.5 i386 and i use a terminal emulator called Kea 420 term ! when i log in to the session i am unable to use the funtions keys then i reset the server and works fine just some minutes any comment ? i really apreciate your help regards... (1 Reply)
Discussion started by: Rdavila
1 Replies

2. UNIX for Advanced & Expert Users

SSH Keys Help

Hello, I'm wondering if anyone has a step-by-step instruction set for setting up ssh keys? I've gone through many of the manuals online (most seem to be from the same source) and it's a little bit unclear when the documentation is talking about the server versus the client machine. I'm missing... (1 Reply)
Discussion started by: sysera
1 Replies

3. UNIX for Dummies Questions & Answers

SSH keys

Hi everyone, i wanted to generate ssh keys so that i can include the public key in the remote sever, so that for subsequent logins, i can do away with the keying in of the password. I consulted the man ssh-keygen man pages. "..Normally each user wishing to use SSH with RSA or DSA... (1 Reply)
Discussion started by: new2ss
1 Replies

4. Shell Programming and Scripting

What are public keys in ssh and how do we create the public keys??

Hi All, I am having knowledge on some basics of ssh and wanted to know what are the public keys and how can we create and implement it in connecting server. Please provide the information for the above, it would be helpful for me. Thanks, Ravindra (1 Reply)
Discussion started by: ravi3cha
1 Replies

5. Solaris

help with SSH keys

Hello, I could use some help with my ssh keys and agent. This is the issue. I have 2 different UNIX systems at work. One is the normal Solaris servers with my uid being the same throughout all the servers. I now have a different system for my desktop. A contractor came in and installed some SUN... (0 Replies)
Discussion started by: bitlord
0 Replies

6. Shell Programming and Scripting

Find active SSH servers w/ ssh keys on LAN

Hi, I am trying to complete my bash script in order to find which SSH servers on LAN are still active with the ssh keys, but i am frozen at this step: #!/bin/bash # LAN SSH KEYS DISCOVERY SCRIPT </etc/passwd \ grep /bin/bash | cut -d: -f6 | sudo xargs -i -- sh -c ' && cat... (11 Replies)
Discussion started by: syrius
11 Replies

LEARN ABOUT DEBIAN

msva-perl

MSVA-PERL(1)						User Contributed Perl Documentation					      MSVA-PERL(1)

NAME

       msva-perl - Perl implementation of a Monkeysphere Validation Agent

SYNOPSIS

	 msva-perl [ COMMAND [ ARGS ... ] ]

ABSTRACT

       msva-perl provides a Perl implementation of the Monkeysphere Validation Agent, a certificate validation service.

INTRODUCTION

       The Monkeysphere Validation Agent offers a local service for tools to validate certificates (both X.509 and OpenPGP) and other public keys.

       Clients of the validation agent query it with a public key carrier (a raw public key, or some flavor of certificate), the supposed name of
       the remote peer offering the pubkey, and the context in which the validation check is relevant (e.g. ssh, https, etc).

       The validation agent then tells the client whether it was able to successfully validate the peer's use of the public key in the given
       context.

USAGE

       Launched with no arguments, msva-perl simply runs and listens forever.

       Launched with arguments, it sets up a listener, spawns a subprocess using the supplied command and arguments, but with the
       MONKEYSPHERE_VALIDATION_AGENT_SOCKET environment variable set to refer to its listener.	When the subprocess terminates, msva-perl tears
       down the listener and exits as well, returning the same value as the subprocess.

       This is a similar invocation pattern to that of ssh-agent(1).

ENVIRONMENT VARIABLES

       msva-perl is configured by means of environment variables.

       MSVA_LOG_LEVEL
	   msva-perl logs messages about its operation to stderr.  MSVA_LOG_LEVEL controls its verbosity, and should be one of (in increasing
	   verbosity): silent, quiet, fatal, error, info, verbose, debug, debug1, debug2, debug3.  Default is 'error'.

       MSVA_ALLOWED_USERS
	   If your system is capable of it, msva-perl tries to figure out the owner of the connecting client.  If MSVA_ALLOWED_USERS is unset,
	   msva-perl will only permit connections from the user msva is running as.  If you set MSVA_ALLOWED_USERS, msva-perl will treat it as a
	   list of local users (by name or user ID) who are allowed to connect.

       MSVA_PORT
	   msva-perl listens on a local TCP socket to facilitate access.  You can choose what port to bind to by setting MSVA_PORT.  Default is to
	   bind on an arbitrary open port.

       MSVA_KEYSERVER
	   msva-perl will request information from OpenPGP keyservers.	Set MSVA_KEYSERVER to declare the keyserver you want it to check with.	If
	   this variable is blank or unset, and your gpg.conf contains a keyserver declaration, it will use the GnuPG configuration.  Failing
	   that, the default is 'hkp://pool.sks-keyservers.net'.

       MSVA_KEYSERVER_POLICY
	   msva-perl must decide when to check with keyservers (for new keys, revocation certificates, new certifications, etc).  There are three
	   possible options: 'always' means to check with the keyserver on every query it receives.  'never' means to never check with a
	   keyserver. 'unlessvalid' will only check with the keyserver on a specific query if no keys are already locally known to be valid for
	   the requested peer.	Default is 'unlessvalid'.

       MSVA_MONITOR_CHANGES
	   Under graphical environments such as X11, msva-perl is capable of monitoring for changes in its underlying code and can prompt the user
	   to restart the daemon when some of the underlying code changes.  Setting this environmnt variable to 'true' enables this monitoring and
	   prompting behavior.	Default is 'false'.

COMMUNICATION PROTOCOL DETAILS

       Communications with the Monkeysphere Validation Agent are in the form of JSON requests over plain HTTP.	Responses from the agent are also
       JSON objects.  For details on the structure of the requests and responses, please see
       http://web.monkeysphere.info/validation-agent/protocol

SECURITY CONSIDERATIONS

       msva-perl deliberately binds to the IPv4 loopback (on 127.0.0.1) so that remote users do not get access to the daemon.  On systems (like
       Linux) which report ownership of TCP sockets in /proc/net/tcp, msva-perl will refuse access from random users (see MSVA_ALLOWED_USERS
       above).

SEE ALSO

       monkeysphere(1), monkeysphere(7), ssh-agent(1)

BUGS AND FEEDBACK

       Bugs or feature requests for msva-perl should be filed with the Monkeysphere project's bug tracker at
       https://labs.riseup.net/code/projects/monkeysphere/issues/

AUTHORS AND CONTRIBUTORS

       Daniel Kahn Gillmor <dkg@fifthhorseman.net<gt>

       The Monkeysphere Team http://web.monkeysphere.info/

COPYRIGHT AND LICENSE

       Copyright AX Daniel Kahn Gillmor and others from the Monkeysphere team.	msva-perl is free software, distributed under the GNU Public
       License, version 3 or later.

perl v5.14.2							    2013-02-08							      MSVA-PERL(1)
All times are GMT -4. The time now is 09:34 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy