Login or Register to Ask a Question and Join Our Community


UNIX for Dummies Questions & Answers

Problem setting up SSH keys between my laptop and a server.

 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers Problem setting up SSH keys between my laptop and a server.
# 1  
Old 03-25-2010
Problem setting up SSH keys between my laptop and a server.
This is probably somewhat trivial but it's driving me crazy. I have 6 servers with identical configurations. I'm trying to set up ssh keys between my laptop (windows XP using cygwin) and these servers (rhel). On 5 of the machines this works perfectly, but on one, no matter what I do, it gives me a password prompt. I've compared the ssh_config and the sshd_config (ran a sdiff) for a working box and a non working box, and they're identical. From looking at the SSH connection with debugging turned up, it looks like it's saying the signatures work...but it still asks for a password. Below is the output from the ssh -vvv:

Code:
(16:51:04\[ddecosta@nycsmitddecosta)
[~]$ ssh -vvv root@mass
OpenSSH_5.1p1, OpenSSL 0.9.8k 25 Mar 2009
debug2: ssh_connect: needpriv 0
debug1: Connecting to mass [192.168.47.1] port 22.
debug1: Connection established.
debug1: identity file /home/ddecosta/.ssh/identity type -1
debug1: identity file /home/ddecosta/.ssh/id_rsa type -1
debug3: Not a RSA1 key file /home/ddecosta/.ssh/id_dsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/ddecosta/.ssh/id_dsa type 2
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.9p1
debug1: match: OpenSSH_3.9p1 pat OpenSSH_3.*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.1
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 129/256
debug2: bits set: 490/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: filename /home/ddecosta/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 33
debug3: check_host_in_hostfile: filename /home/ddecosta/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 37
debug1: Host 'mass' is known and matches the RSA host key.
debug1: Found key in /home/ddecosta/.ssh/known_hosts:33
debug2: bits set: 523/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/ddecosta/.ssh/identity (0x0)
debug2: key: /home/ddecosta/.ssh/id_rsa (0x0)
debug2: key: /home/ddecosta/.ssh/id_dsa (0x6aeec0)
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug3: start over, passed a different list publickey,gssapi-with-mic,password
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/ddecosta/.ssh/identity
debug3: no such identity: /home/ddecosta/.ssh/identity
debug1: Trying private key: /home/ddecosta/.ssh/id_rsa
debug3: no such identity: /home/ddecosta/.ssh/id_rsa
debug1: Offering public key: /home/ddecosta/.ssh/id_dsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password

If anyone has any ideas, I appreciate the help.
# 2  
Old 03-25-2010
  1. Are you sure you're connecting to the correct user?
  2. Are you sure you've put the key correctly into ~/.ssh/authorized_keys on the remote site? (a whitespace at the wrong position can screw up a lot)
  3. Are all servers the same release?
  4. Are all servers using the same OpenSSH version?
The reason for the last question are these 2 lines
Code:
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.9p1
debug1: match: OpenSSH_3.9p1 pat OpenSSH_3.*

that would imply the remote server running a rather old version of OpenSSH, and supporting only SSHv1 (which is now 10 years obsolete). If it does only support SSHv1, it only supports old-style keys from ~/.ssh/identity.
# 3  
Old 03-25-2010
Well I don't know exactly what the issue is, but I got it working now. I blasted my authorized_keys file and redid it and now it works. Probably fat fingered the original somewhere.

Sorry to waste everyone's time.
 
Login or Register to Ask a Question

Previous Thread | Next Thread

8 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Find active SSH servers w/ ssh keys on LAN

Hi, I am trying to complete my bash script in order to find which SSH servers on LAN are still active with the ssh keys, but i am frozen at this step: #!/bin/bash # LAN SSH KEYS DISCOVERY SCRIPT </etc/passwd \ grep /bin/bash | cut -d: -f6 | sudo xargs -i -- sh -c ' && cat... (11 Replies)
Discussion started by: syrius
11 Replies

2. UNIX for Dummies Questions & Answers

Problem in setting up samba server

Hi, I am trying to set-up a samba server at my red-hat machine in order to be accessed via windows, below are my current configuration Linux IP : 192.168.1.6 Windows IP : 192.168.1.2 -- I am able to ping from windows to linux machine : Pinging 192.168.1.6 with 32 bytes of data: Reply... (2 Replies)
Discussion started by: chander_1987
2 Replies

3. Solaris

LDAP Problem during Kerberos setting for Win server 03 Active Directory

Hi, FYI, I'm new in Solaris I'm trying to use Kerberos on authenticating LDAP Client with the Active Directory on Windows Server 2003 on both Solaris 10 5/08 and Solaris 10 9/10 by referring to the pdf file kerberos_s10.pdf available at sun official site. ... (0 Replies)
Discussion started by: chongzh
0 Replies

4. Fedora

Problem while generating ssh keys.

Hi all, I am facing an issue while creating the ssh keys. i am using fedora 9 Please let me know how to solve this issue # ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no... (5 Replies)
Discussion started by: kalyankalyan
5 Replies

5. Windows & DOS: Issues & Discussions

Office server => laptop =>client server ...a lengthy and laborious ftp procedure

Hi All, I need your expertise in finding a way to solve my problem.Please excuse if this is not the right forum to ask this question and guide me to the correct forum,if possible. I am a DBA and on a daily basis i have to ftp huge dump files from my company server to my laptop and then... (3 Replies)
Discussion started by: kunwar
3 Replies

6. Solaris

ssh private keys stored on home server

Where in the world are the ssh private keys stored on the home server? I know the public keys are renamed to authorized_keys under the /export/home//.ssh directory on the remote server. (1 Reply)
Discussion started by: jastanle84
1 Replies

7. HP-UX

Problem - Creating SSH Public/Private keys. Please help.

HI, I'm trying to create SSH public/private keys using following command. hp023:/users/vikram> ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/users/vikram/.ssh/id_rsa): rsa Enter passphrase (empty for no passphrase): Enter same passphrase... (9 Replies)
Discussion started by: vickramshetty
9 Replies

8. UNIX for Dummies Questions & Answers

Copying files from laptop to remote server using SSH

Hello, I'm sorry if this sounds like a very simple question, but I'm having some difficulty with it being a complete newbie to UNIx. I use Windows, and always have, but need some UNIX access for work, picking up files from our group space, etc. Basically, I'm using Cygwin and can SSH into the... (3 Replies)
Discussion started by: patwa
3 Replies
Login or Register to Ask a Question