RE:pubkey authentication problem (was: Re: Determine forwarded ports?)

From: "Mariyappan, Balaji (GE Indust, ES RAIL, consultant)" <balaji.mariyappan@xxxxxx>
Date: Tue, 27 Mar 2007 20:13:40 -0400

My apologies for hijecking the topic...

What is the changes i have to make in the ssh_config file?

my ssh_config file:

# $OpenBSD: ssh_config,v 1.16 2002/07/03 14:21:05 markus Exp $

# This is the ssh client system-wide configuration file. See
# ssh_config(5) for more information. This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.

# Configuration data is parsed as follows:
# 1. command line options
# 2. user-specific file
# 3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.

# Site-wide defaults for various options
# Host *
Host sftp.moore.com
Compression no
#ProxyCommand /usr/local/bin/corkscrew http-proxy-ssh.amer.consind.ge.com 8080 %h %p
#ProxyCommand /usr/local/bin/corkscrew ctplvsquidext.edc.ge.com 3128 %h %p
ProxyCommand /usr/local/bin/connect -d -H http-proxy-ssh.amer.consind.ge.com:8080 %h %p
# ForwardAgent no
# ForwardX11 no
# RhostsAuthentication no
# RhostsRSAAuthentication no
# RSAAuthentication yes
# PasswordAuthentication yes
# HostbasedAuthentication no
BatchMode yes
# BatchMode no
# CheckHostIP yes
# StrictHostKeyChecking ask
# IdentityFile ~/.ssh/identity
# IdentityFile ~/.ssh/id_rsa
IdentityFile ~/.ssh/infp_mw_dsa
# Port 22
# Protocol 2,1
# Cipher 3des
# Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
# EscapeChar ~

Actually the same set of public and private are working when i user the pinhole (without proxy command)
I don't know why this public and private key is not working through a ssh proxy.

You help will be really appreciated. Thanks in advance.

Thanks & Regards,
Balaji Mariyappan
GE Equipment services
Desk: 312.853.5056
Mobile: 312.213.7112

-----Original Message-----
From: Darren Tucker [mailto:dtucker@xxxxxxxxxx]
Sent: Tuesday, March 27, 2007 6:44 PM
To: Mariyappan, Balaji (GE Indust, ES RAIL, consultant)
Cc: secureshell@xxxxxxxxxxxxxxxxx
Subject: pubkey authentication problem (was: Re: Determine forwarded
ports?)

Mariyappan, Balaji (GE Indust, ES RAIL, consultant) wrote:
[...]

debug1: Authentications that can continue: publickey,password

The server allows password and public key authentication.

debug3: start over, passed a different list publickey,password
debug3: preferred publickey
debug3: authmethod_lookup publickey
debug3: remaining preferred:
debug3: authmethod_is_enabled publickey

Your client is configured to try publickey only.

[...]

debug1: Trying private key: /opt/app/pmart8/.ssh/infp_mw_dsa
debug1: read PEM private key done: type DSA
debug3: sign_and_send_pubkey
debug2: we sent a publickey packet, wait for reply

[...]

debug1: Authentications that can continue: publickey,password
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.

The server did not accept the public key that your client sent. The
client was configured to not try any other methods so it gave up.

You should investigate the server to find out why it did not accept the
publickey authentication.

BTW it's polite to start a new thread for a new topic rather than
hijacking an existing one with a different topic.

--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

Follow-Ups:
- Re: pubkey authentication problem
  - From: Darren Tucker

References:
- pubkey authentication problem (was: Re: Determine forwarded ports?)
  - From: Darren Tucker

Prev by Date: Re: pubkey authentication problem
Next by Date: Re: Can I prevent the ssh client from silencing banner in interactive mode?
Previous by thread: pubkey authentication problem (was: Re: Determine forwarded ports?)
Next by thread: Re: pubkey authentication problem
Index(es):
- Date
- Thread

Relevant Pages

OSX (OpenSSH) to GNU (SSH2) server authentication problems
... Your difficulty is with server authentication, ... > your OSX box's public hostkey and use that. ... I was able to get publickey authentication ... debug3: start over, passed a different list publickey,password ...
(comp.security.ssh)
Problem with OpenSSH
... debug3: start over, passed a different list ... debug3: authmethod_lookup publickey ... debug1: next auth method to try is publickey ... debug2: we sent a publickey packet, ...
(comp.security.ssh)
public key authentication problem
... I'm trying to use public key authentication for ssh, ... debug3: preferred publickey,keyboard-interactive,password ... debug3: authmethod_is_enabled publickey ... debug1: Next authentication method: publickey ...
(SSH)
SUMMARY: SSH Problem --WITH NEW PROBLEM--
... debug3: start over, passed a different list publickey,password,keyboard-interactive ... debug3: authmethod_is_enabled publickey ... debug2: we sent a publickey packet, ... debug1: authentications that can continue: publickey,password,keyboard-interactive ...
(SunManagers)
public key auth using exported putty keys.
... I have openssh version 3.4p1 on two linux boxes. ... debug1: got SSH2_MSG_SERVICE_ACCEPT ... debug3: preferred publickey,keyboard-interactive,password ... debug3: authmethod_is_enabled publickey ...
(comp.security.ssh)