SSH Connectivity issues - Need Help

Prithi.Puthran_at_ubs.com
Date: 03/29/05

  • Next message: Paul Stepowski: "Re: Réf. : sftp hangs on tru64 5.1A" 
    Date: Mon, 28 Mar 2005 17:48:34 -0500
To: <secureshell@securityfocus.com>

    I'm trying to configure ssh connectivity between a linux (open ssh v3.4) & W2K server (Cygwin SSH v2.9) but getting the following error message.

    25035: Permission denied (publickey,keyboard-interactive).

    ssh -v svc_psitg@nldn10769dap date give the following output.

    OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090607f
    25340: debug1: Reading configuration data /etc/opt/PERssh/ssh_config
    25340: debug1: Applying options for *
    25340: debug1: /etc/opt/PERssh/ssh_config line 24: Deprecated option "FallBackTo
    Rsh"
    25340: debug1: /etc/opt/PERssh/ssh_config line 25: Deprecated option "UseRsh"
    25340: debug1: Rhosts Authentication disabled, originating port will not be trus
    ted.
    25340: debug1: ssh_connect: needpriv 0
    25340: debug1: Connecting to nldn1069dap.ldn [139.149.50.203] port 22.
    25340: debug1: Connection established.
    25340: debug1: identity file /home/itg_dev/.ssh/identity type 2
    25340: debug1: identity file /home/itg_dev/.ssh/id_dsa type -1
    25340: debug1: identity file /home/itg_dev/.ssh/id_rsa1 type -1
    25340: debug1: identity file /home/itg_dev/.ssh/id_rsa type -1
    25340: debug1: identity file /home/itg_dev/.ssh/id_rsa2 type 1
    25340: debug1: Remote protocol version 1.99, remote software version OpenSSH_2.9
    .9p2
    25340: debug1: match: OpenSSH_2.9.9p2 pat OpenSSH_2.*,OpenSSH_3.0*,OpenSSH_3.1*
    25340: Enabling compatibility mode for protocol 2.0
    25340: debug1: Local version string SSH-2.0-OpenSSH_3.4p1
    25340: debug1: Miscellaneous failure
    25340: debug1: No credentials cache file found
    25340: debug1: SSH2_MSG_KEXINIT sent
    25340: debug1: SSH2_MSG_KEXINIT received
    25340: debug1: kex: server->client arcfour hmac-md5 none
    25340: debug1: kex: client->server arcfour hmac-md5 none
    25340: debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
    25340: debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
    25340: debug1: dh_gen_key: priv key bits set: 127/256
    sh-2.05$ ssh -v svc_psitgp@nldn1069dap.ldn date
    OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090607f
    26027: debug1: Reading configuration data /etc/opt/PERssh/ssh_config
    26027: debug1: Applying options for *
    26027: debug1: /etc/opt/PERssh/ssh_config line 24: Deprecated option "FallBackTo
    Rsh"
    26027: debug1: /etc/opt/PERssh/ssh_config line 25: Deprecated option "UseRsh"
    26027: debug1: Rhosts Authentication disabled, originating port will not be trus
    ted.
    26027: debug1: ssh_connect: needpriv 0
    26027: debug1: Connecting to nldn1069dap.ldn [139.149.50.203] port 22.
    26027: debug1: Connection established.
    26027: debug1: identity file /home/itg_dev/.ssh/identity type 2
    26027: debug1: identity file /home/itg_dev/.ssh/id_dsa type -1
    26027: debug1: identity file /home/itg_dev/.ssh/id_rsa1 type -1
    26027: debug1: identity file /home/itg_dev/.ssh/id_rsa type -1
    26027: debug1: identity file /home/itg_dev/.ssh/id_rsa2 type 1
    26027: debug1: Remote protocol version 1.99, remote software version OpenSSH_2.9
    .9p2
    26027: debug1: match: OpenSSH_2.9.9p2 pat OpenSSH_2.*,OpenSSH_3.0*,OpenSSH_3.1*
    26027: Enabling compatibility mode for protocol 2.0
    26027: debug1: Local version string SSH-2.0-OpenSSH_3.4p1
    26027: debug1: Miscellaneous failure
    26027: debug1: No credentials cache file found
    26027: debug1: SSH2_MSG_KEXINIT sent
    26027: debug1: SSH2_MSG_KEXINIT received
    26027: debug1: kex: server->client arcfour hmac-md5 none
    26027: debug1: kex: client->server arcfour hmac-md5 none
    26027: debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
    26027: debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
    26027: debug1: dh_gen_key: priv key bits set: 137/256
    26027: debug1: bits set: 1570/3191
    26027: debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
    26027: debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
    26027: debug1: Host 'nldn1069dap.ldn' is known and matches the RSA host key.
    26027: debug1: Found key in /home/itg_dev/.ssh/known_hosts:10
    26027: debug1: bits set: 1613/3191
    26027: debug1: ssh_rsa_verify: signature correct
    26027: debug1: kex_derive_keys
    26027: debug1: newkeys: mode 1
    26027: debug1: SSH2_MSG_NEWKEYS sent
    26027: debug1: waiting for SSH2_MSG_NEWKEYS
    26027: debug1: newkeys: mode 0
    26027: debug1: SSH2_MSG_NEWKEYS received
    26027: debug1: done: ssh_kex2.
    26027: debug1: send SSH2_MSG_SERVICE_REQUEST
    26027: debug1: service_accept: ssh-userauth
    26027: debug1: got SSH2_MSG_SERVICE_ACCEPT
    26027: debug1: authentications that can continue: publickey,keyboard-interactive
    26027: debug1: next auth method to try is publickey
    26027: debug1: try pubkey: /home/itg_dev/.ssh/identity
    26027: debug1: input_userauth_pk_ok: pkalg ssh-dss blen 434 lastkey 0x8112b30 hi
    nt 0
    26027: debug1: read PEM private key done: type DSA
    26027: debug1: authentications that can continue: publickey,keyboard-interactive
    26027: debug1: try privkey: /home/itg_dev/.ssh/id_dsa
    26027: debug1: try privkey: /home/itg_dev/.ssh/id_rsa1
    26027: debug1: try privkey: /home/itg_dev/.ssh/id_rsa
    26027: debug1: try pubkey: /home/itg_dev/.ssh/id_rsa2
    26027: debug1: input_userauth_pk_ok: pkalg ssh-rsa blen 149 lastkey 0x8112b50 hi
    nt 4
    26027: debug1: read PEM private key done: type RSA
    26027: debug1: authentications that can continue: publickey,keyboard-interactive
    26027: debug1: next auth method to try is keyboard-interactive
    26027: debug1: authentications that can continue: publickey,keyboard-interactive
    26027: debug1: no more auth methods to try
    26027: Permission denied (publickey,keyboard-interactive).

    Visit our website at http://www.ubs.com

    This message contains confidential information and is intended only
    for the individual named. If you are not the named addressee you
    should not disseminate, distribute or copy this e-mail. Please
    notify the sender immediately by e-mail if you have received this
    e-mail by mistake and delete this e-mail from your system.

    E-mail transmission cannot be guaranteed to be secure or error-free
    as information could be intercepted, corrupted, lost, destroyed,
    arrive late or incomplete, or contain viruses. The sender therefore
    does not accept liability for any errors or omissions in the contents
    of this message which arise as a result of e-mail transmission. If
    verification is required please request a hard-copy version. This
    message is provided for informational purposes and should not be
    construed as a solicitation or offer to buy or sell any securities or
    related financial instruments.

  • Next message: Paul Stepowski: "Re: Réf. : sftp hangs on tru64 5.1A"

    Relevant Pages

    • help with ssh
      ... debug1: Authentications that can continue: publickey,gssapi-with-mic,password ... debug2: we sent a gssapi-with-mic packet, ...
      (RedHat)
    • Re: SFTP/SCP connection prob
      ... debug1: Authentications that can continue: publickey,password,keyboard- ... debug2: we sent a publickey packet, ... which only supports SFTP/SCP protocal from server C ...
      (comp.security.unix)
    • Re: ssh gssapi-with-mic and "Key table entry not found"
      ... debug1: Connection established. ... debug1: Authentications that can continue: ... user matt service ssh-connection method gssapi-with-mic ...
      (comp.protocols.kerberos)
    • ssh gssapi-with-mic and "Key table entry not found"
      ... debug1: Connection established. ... debug1: Authentications that can continue: ... user matt service ssh-connection method gssapi-with-mic ...
      (comp.protocols.kerberos)
    • openssh + kerberos + windows ad
      ... debug1: Connection established. ... debug2: fd 3 setting O_NONBLOCK ... debug1: Authentications that can continue: ... we sent a gssapi-with-mic packet, ...
      (SSH)