help? ssh connect w/ DSA pubkey auth keeps asking for passphrase; w/ RSA pubkey auth, all is OK

From: OpenMacNews (OpenMacNews_at_speakeasy.net)
Date: 09/04/05

    Date: Sun, 04 Sep 2005 12:51:31 -0700
    To: secureshell@securityfocus.com
    
    
    

    hi all,

    i've:

    % ssh -V
            OpenSSH_4.1p1, OpenSSL 0.9.7g 11 Apr 2005
    % uname -a
            Darwin devbox 8.2.0 Darwin Kernel Version 8.2.0: Fri Jun 24 17:46:54 PDT 2005; root:xnu-792.2.4.obj~3/RELEASE_PPC Power Macintosh powerpc

    i've created two ssh passphrase-less keypairs for my machine, 'devbox', one RSA
    and one DSA, using:

    ssh-keygen -b 2048 -t rsa -f /usr/local/etc/ssh/rsakeys/ssh.devbox.rsa -N "" -C "root@devbox"
    ssh-keygen -b 2048 -t dsa -f /usr/local/etc/ssh/dsakeys/ssh.devbox.dsa -N "" -C "root@devbox"

    after propagating both pubkeys to another box ('myserver'), if i 'ssh' to
    'myserver' using the RSA key as an identity file:

            IdentityFile /usr/local/etc/ssh/rsakeys/ssh.devbox.rsa.pub

    all is OK. i can immediately connect via pubkey auth with no error ...

    however, if i try the exact same thing but, with the DSA ident file:

            IdentityFile /usr/local/etc/ssh/dsakeys/ssh.devbox.dsa.pub

    on connection attempt, i get an error:

            PEM_read_PrivateKey failed

    and a request for a passphrase:

            ...
            debug1: Host 'devbox.mydomain.com' is known and matches the DSA host key.
            debug1: Found key in /usr/local/etc/ssh/authorized_keys2:1
            debug2: bits set: 500/1024
            debug1: ssh_dss_verify: signature correct
            debug2: kex_derive_keys
            debug2: set_newkeys: mode 1
            debug1: SSH2_MSG_NEWKEYS sent
            debug1: expecting SSH2_MSG_NEWKEYS
            debug2: set_newkeys: mode 0
            debug1: SSH2_MSG_NEWKEYS received
            debug1: SSH2_MSG_SERVICE_REQUEST sent
            debug2: service_accept: ssh-userauth
            debug1: SSH2_MSG_SERVICE_ACCEPT received
            debug2: key: /usr/local/etc/ssh/dsakeys/ssh.devbox.dsa.pub (0x401d10)
            debug1: Authentications that can continue: publickey
            debug1: Next authentication method: publickey
            debug1: Offering public key: /usr/local/etc/ssh/dsakeys/ssh.devbox.dsa.pub
            debug2: we sent a publickey packet, wait for reply
            debug1: Server accepts key: pkalg ssh-dss blen 818
            debug2: input_userauth_pk_ok: fp 74:3f:c7:96:12:9e:6d:88:8e:bc:21:56:d3:40:9f:e3
            debug1: PEM_read_PrivateKey failed
            debug1: read PEM private key done: type <unknown>
            Enter passphrase for key '/usr/local/etc/ssh/dsakeys/ssh.devbox.dsa.pub':

    i've googled, and all i'm finding (so far) is advice to create the DSA keys
    without passphrase ...

    which, as above, i have already, i believe, done correctly, and checked &
    re-checked ...

    suggestions?

    thx!

    richard
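
    Added example, not part of the original message: ssh loads the private key from the path named by IdentityFile, and the debug output above shows PEM_read_PrivateKey failing on a path ending in .pub. The script below classifies what each IdentityFile target actually contains; the config text and key files are constructed samples, and the function names are this example's own.

```python
import os
import re
import tempfile

PRIVATE_RE = re.compile(r"-----BEGIN (?:RSA |DSA |EC |OPENSSH |ENCRYPTED )?PRIVATE KEY-----")
PUBLIC_RE = re.compile(r"(?:ssh-(?:rsa|dss|ed25519)|ecdsa-sha2-\S+) [A-Za-z0-9+/=]+")
DIRECTIVE_RE = re.compile(r"identityfile(?:\s*=\s*|\s+)(.+)$", re.IGNORECASE)

def classify_key_text(text):
    """Return 'private', 'public' or 'unknown' for the contents of a key file."""
    first = text.lstrip().splitlines()[0] if text.strip() else ""
    if PRIVATE_RE.match(first):
        return "private"
    if PUBLIC_RE.match(first):
        return "public"
    return "unknown"

def identity_files(config_text):
    """Yield the path of every IdentityFile directive in ssh_config-style text."""
    for line in config_text.splitlines():
        m = DIRECTIVE_RE.match(line.strip())  # '#' comment lines never match
        if m:
            yield os.path.expanduser(m.group(1).strip().strip('"'))

def audit(config_text):
    """Map each IdentityFile path to its classification ('missing' if unreadable)."""
    result = {}
    for path in identity_files(config_text):
        try:
            with open(path, encoding="ascii", errors="replace") as fh:
                result[path] = classify_key_text(fh.read(4096))
        except OSError:
            result[path] = "missing"
    return result

def demo():
    """Write constructed sample key files and audit a config that names both."""
    priv = os.path.join(tempfile.mkdtemp(), "ssh.devbox.dsa")
    with open(priv, "w") as fh:  # constructed body, not real key material
        fh.write("-----BEGIN DSA PRIVATE KEY-----\nQ09OU1RSVUNURUQ=\n-----END DSA PRIVATE KEY-----\n")
    with open(priv + ".pub", "w") as fh:  # constructed public-key line
        fh.write("ssh-dss QUFBQUNPTlNUUlVDVEVE root@devbox\n")
    return audit(f"Host myserver\n    IdentityFile {priv}.pub\n    IdentityFile {priv}\n")

if __name__ == "__main__":
    for path, kind in demo().items():
        print(f"{kind:8} {path}" + ("" if kind == "private" else "  <-- not a private key"))
```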

    
    


