Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: ssh login and auth errors
Top Forums UNIX for Dummies Questions & Answers ssh login and auth errors Post 302344266 by System Shock on Saturday 15th of August 2009 12:35:38 PM
Old 08-15-2009
You can remove both entries in known_hosts. They'll get re-populated when you connect to other servers.

There is an obvious error in the third command you typed. You need to put your pub key inside your home directory's ssh folder, and it needs to be in a specific file. If the school's server is using openSSH, you should add your key to ~/.ssh/authorized_keys . If the school's server is using a commercial ssh, then you may have to convert your pub key to their format.

Anyway, let's start from the top. You said that, if you remove all the contents from your .ssh folder, you can ssh to the schools server. So, go ahead and do that, and try to log in and log out the server a couple times just to make sure your login and password work. If you wiped everything off your .ssh directory, you should get a message asking you if you want to accept the server's public key, which should populate .ssh/known_hosts with one entry. While you are there, check to see if you have a .ssh directory inside your home directory, if you don't create one, give it 400 permissions
Code:
$ mkdir .ssh
$ chmod 400 .ssh

After you have established that you can ssh to the server and log in with your username and password, go ahead and create your key. The command below includes the -N flag. If you don't want to supply a passphrase every session, then -N "" will set your passphrase to nothing.
Code:
 ssh-keygen -t rsa -N ""

Now, you'll copy your id_rsa.pub to your home directory in the remote server. Again, assuming the school's server is using openSSH, you'll put your public key in authorized_keys.
Code:
scp ./ssh/id_rsa.pub remote.server.edu:~/.ssh/authorized_keys

Now you should be able to ssh from your computer to the server. If you can't, then we'll need to know the error you received, and take it from there.

About StrictHostKeyChecking=no :
What this does, basically it allows the connection to continue even if you get back the error you posted, that the server pub key and what's in your known_hosts file doesn't match. It is possible that the school server's administrators change the key frequently for whatever reason, and that is why they instruct to add that line to your ssh config. I have that entry in my lab servers, but I don't know that I want to use it in production.
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

SSH Problem auth problem

Hi, Just recently we seem to be getting the following error message relating to SSH when we run the UNIX script in background mode: warning: You have no controlling tty. Cannot read confirmation.^M warning: Authentication failed.^M Disconnected; key exchange or algorithm negotiation... (1 Reply)
Discussion started by: budrito
1 Replies

2. HP-UX

X-server errors at login? I want to just get rid of this!

The CDE login manger may repeatedly scroll these error messages on the console: **************************************************************** * The X-server cannot be started on display <hostname>:0... * For details look into the file, Dtlogin.errorLogFile (default: *... (6 Replies)
Discussion started by: emplate
6 Replies

3. UNIX for Advanced & Expert Users

SSH errors

hellow Experts, I want to know that whenever i run ssh command, i get this error > ssh username@x.x.x.x ssh: connect to host x.x.x.x port 22: No route to host or connection refused i want to know the exact reason for these errors .. like because of firewall , no physical conection ,... (3 Replies)
Discussion started by: luckypower
3 Replies

4. AIX

SSH + LDAP Auth Giving Fits

I'm having a bear of a time getting my LDAP connection going, so I hope someone here has some insight. I have AIX 5.3 running on an LPAR. I have ldap-client, ldap-max-crypto-client, gskak, and gskte installed. I'm able to set up the connection via mksecldap, and I can query users just fine... (1 Reply)
Discussion started by: AlexDeGruven
1 Replies

5. UNIX for Dummies Questions & Answers

ssh pub key auth - can some please guide me idiot proof

hello. can somebody please idiot proff simple guide me how to set up ssh public key authenciation? i am stuck, i tried long and googled a lot but i cant get it. thanks in advance. (4 Replies)
Discussion started by: scarfake
4 Replies

6. Solaris

SCP & SSH errors

Hi I am trying to scp a file between to servers (both on same subnet and can see each other). However, whenever I try I get the following error: ld.so.1: ssh: fatal: relocation error: file /usr/local/bin/ssh: symbol EVP_CIPHER_CTX_key_length: referenced symbol not found lost connection I... (4 Replies)
Discussion started by: skewbie
4 Replies

7. AIX

ssh public key auth "Remote login for account is not allowed" ?

Hello, Using AIX 6.1 boxes. User user1 connects from box A to box B using ssh. When password authentication is used everything is fine. When I configure user1 to use public key authentication sftp client works fine(no password asked), but ssh client fails. This is sshd log: Accepted publickey... (3 Replies)
Discussion started by: vilius
3 Replies

8. HP-UX

telnet login successful ,but ssh can not login

why I can login by telnet using root account but when i use login by ssh using root account it is not successful ,is it different password i am sure ssh service is started (2 Replies)
Discussion started by: alert0919
2 Replies

9. UNIX for Dummies Questions & Answers

SSH SSH encountered 1 errors during the transfer

This issue was resolved due to using the correct user transferring the file over to the desktop. (1 Reply)
Discussion started by: Computergal2104
1 Replies

10. UNIX for Beginners Questions & Answers

Ssh errors

hello all Happy New year I have an issue here whenever I want to ssh into a particular server I get this error message "Disconnected: NO supported authentication methoids available (server sent publickey) I was trying to copy the public key to another server so that I do not need nto... (7 Replies)
Discussion started by: DOkuwa
7 Replies

LEARN ABOUT SUSE

ssh-keyconverter

SSH-KEYCONVER(1)					    BSD General Commands Manual 					  SSH-KEYCONVER(1)

NAME

     ssh-keyconvert -- convert ssh v1 keys and authorization files

SYNOPSIS

     ssh-keyconvert [-k] [-o output_file] identity_file ...
     ssh-keyconvert [-a] [-o output_file] authorization_file ...

DESCRIPTION

     ssh-keyconvert converts RSA public and private keys used for public key based user authentication with protocol version 1 to the format used
     with protocol version 2.

     When using RSA user authentication with SSH protocol version 1, the client uses the private key from $HOME/.ssh/identity to provide its iden-
     tity to the server. The server grants or denies access based on whether the public part of this key is listed in $HOME/.ssh/authorized_keys.

     SSH protocol version 2 supports both DSA and RSA keys, but the way RSA keys are stored are differently. On the client, the default file name
     is .ssh/id_rsa rather than .ssh/identity, and the file's format is different as well. On the server, the public porting of the key can still
     be stored in .ssh/authorized_keys, but the key notation has changed as well.  Therefore, when switching from protocol version 1 to version 2,
     you either have to create a new identity key using ssh-keygen(1) and add that key to the server's authorized_keys file, or you need to con-
     vert your keys using ssh-keyconvert.

     By default, ssh-keyconvert will try to guess the type of file that is to be converted.  If it fails to guess correctly, you can tell if what
     type of conversion to perform by specifying the -k option to convert the private key, or the -a option to convert an authorisation file.

     When converting your private keys stored in .ssh/identity, ssh-keyconvert will read the private key, prompting you for the pass phrase if the
     key is protected by a pass phrase. If the -o option is given, it will write the private key to the specified file, using version 2 syntax. If
     the key was protected by a pass phrase, it will use the same pass phrase to protect the new file.	It will also write the public portion of
     the key to a second file, using the specified file name with ``.pub'' appended.  If the -o option was not given, private and public key will
     be written to id_rsa and id_rsa.pub, respectively, relative to the directory of the input key file.

     If the destination file already exists, ssh-keyconvert will prompt the user for confirmation before overwriting the file, unless the -f
     option is given.

     When converting your authorized_keys file, ssh-keyconvert will ignore any keys in SSH version 2 format. Any public keys in version 1 format
     will be converted and appended to the output file using the new syntax. If the -o option is given, keys are appended to the specified file.
     If it is not given, ssh-keyconvert will append all keys to the input file.

     Note that ssh-keyconvert does not check for duplicate keys, so if you run it on .ssh/authorized_keys more several times, the converted keys
     will show up several times.

OPTIONS

     -k      Convert private key file(s). The default is to guess the type of file that should be converted.

     -a      Convert authorized_keys file(s). The default is to guess the type of file that should be converted.

     -o outfile
	     Specify the name of the output file.  When converting an authorization file, all public keys will be appended to this file.  For pri-
	     vate key conversion, the private and public components of the key will be stored in outfile and outfile.pub, respectively.  Note that
	     since every key must be stored in a separate file, you cannot use this option when you specify several input files.

     -f      When converting a key file, and the output file already exists, ssh-keyconvert will ask the user whether to overwrite the file. Using
	     this option forces overwriting.

AUTHORS

     OpenSSH is a derivative of the original and free ssh 1.2.12 release by Tatu Ylonen.  Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
     Theo de Raadt and Dug Song removed many bugs, re-added newer features and created OpenSSH.  ssh-keyconvert was contributed by Olaf Kirch.

SEE ALSO

     ssh(1), ssh-add(1), ssh-agent(1), sshd(8)

     J. Galbraith and R. Thayer, SECSH Public Key File Format, draft-ietf-secsh-publickeyfile-01.txt, March 2001, work in progress material.

BSD
								 February 2, 2002							       BSD
All times are GMT -4. The time now is 03:01 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy