Re: SSH unable to use pub/priv keys rh7.2

From: sacha (interlopr_007@yahoo.com)
Date: 01/30/02 

From: sacha <interlopr_007@yahoo.com>
Date: Wed, 30 Jan 2002 22:47:36 GMT

OK I can ssh prot 2 to localhost now...
Was a bad permission on ~/.ssh
Though putty is still asking for the password when I copy id_rsa to it.

sacha <interloper@visto.com> wrote:
>Ack, I've been through everything trying to figure this out.
>I've got RH 7.2 openssh 2.9p2
>I've done ssh-keygen -t rsa and have
>id_rsa & id_rsa.pub in my home dir
>I've copied id_rsa.pub to authorized_keys2
>but I can't even connect to the localhost with my priv key
>only password auth work... I've been racking my brains.
>Using the id_rsa & putty didn't work either of course.
>
>sshd_config
># $OpenBSD: sshd_config,v 1.38 2001/04/15 21:41:29 deraadt Exp $
>
># This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
>
># This is the sshd server system-wide configuration file. See sshd(8)
># for more information.
>
>Port 22
>Protocol 2,1
>#ListenAddress 0.0.0.0
>#ListenAddress ::
>HostKey /etc/ssh/ssh_host_key
>HostKey /etc/ssh/ssh_host_rsa_key
>HostKey /etc/ssh/ssh_host_dsa_key
>ServerKeyBits 768
>LoginGraceTime 600
>KeyRegenerationInterval 3600
>PermitRootLogin no
>#
># Don't read ~/.rhosts and ~/.shosts files
>IgnoreRhosts yes
># Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
>#IgnoreUserKnownHosts yes
>StrictModes yes
>X11Forwarding yes
>X11DisplayOffset 10
>PrintMotd yes
>#PrintLastLog no
>KeepAlive yes
>
># Logging
>SyslogFacility AUTHPRIV
>LogLevel VERBOSE
>#obsoletes QuietMode and FascistLogging
>
>RhostsAuthentication no
>#
># For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
>RhostsRSAAuthentication no
># similar for protocol version 2
>HostbasedAuthentication no
>#
>RSAAuthentication yes
>
># To disable tunneled clear text passwords, change to no here!
>PasswordAuthentication yes
>PermitEmptyPasswords no
>
># Uncomment to disable s/key passwords
>#ChallengeResponseAuthentication no
>
># Uncomment to enable PAM keyboard-interactive authentication
># Warning: enabling this may bypass the setting of 'PasswordAuthentication'
>#PAMAuthenticationViaKbdInt yes
>
># To change Kerberos options
>#KerberosAuthentication no
>#KerberosOrLocalPasswd yes
>#AFSTokenPassing no
>#KerberosTicketCleanup no
>
># Kerberos TGT Passing does only work with the AFS kaserver
>#KerberosTgtPassing yes
>
>#CheckMail yes
>#UseLogin no
>
>#MaxStartups 10:30:60
>#Banner /etc/issue.net
>#ReverseMappingCheck yes
>
>Subsystem sftp /usr/libexec/openssh/sftp-server
>
>puttylog of ssh -v -v -v -2 localhost
>
>=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2002.01.30 12:51:17 =~=~=~=~=~=~=~=~=~=~=~=
>login as: user1
>user1@192.168.0.1's password:
>Last login: Wed Jan 30 12:51:06 2002 from user1.physimetrics.com [user1@linux user1]$ ssh -2 -v -v -v localhost
>OpenSSH_2.9p2, SSH protocols 1.5/2.0, OpenSSL 0x0090602f
>debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for *
>debug1: Seeding random number generator debug1: Rhosts Authentication disabled, originating port will not be trusted.
>debug1: restore_uid
>debug1: ssh_connect: getuid 500 geteuid 0 anon 1 debug1: Connecting to localhost [127.0.0.1] port 22.
>debug1: temporarily_use_uid: 500/500 (e=0) debug1: restore_uid debug1: temporarily_use_uid: 500/500 (e=0)
>debug1: restore_uid debug1: Connection established.
>debug1: read PEM private key done: type DSA debug1: read PEM private key done: type RSA
>debug1: identity file /home/user1/.ssh/identity type -1
>debug3: No RSA1 key file /home/user1/.ssh/id_rsa.
>debug2: key_type_from_name: unknown key type '-----BEGIN'
>debug2: key_type_from_name: unknown key type '-----END'
>debug3: key_read: no key found
>debug1: identity file /home/user1/.ssh/id_rsa type 1
>debug1: Remote protocol version 1.99, remote software version OpenSSH_2.9p2
>debug1: match: OpenSSH_2.9p2 pat ^OpenSSH Enabling compatibility mode for protocol 2.0
>debug1: Local version string SSH-2.0-OpenSSH_2.9p2
>debug1: SSH2_MSG_KEXINIT sent
>debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
>debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
>debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu.se
>debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu.se
>debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
>debug2: kex_parse_kexinit: none
>debug2: kex_parse_kexinit: none
>debug2: kex_parse_kexinit:
>debug2: kex_parse_kexinit:
>debug2: kex_parse_kexinit: first_kex_follows 0
>debug2: kex_parse_kexinit: reserved 0
>debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
>debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu.se
>debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu.se
>debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
>debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit: none,zlib
>debug2: kex_parse_kexinit:
>debug2: kex_parse_kexinit:
>debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0
>debug2: mac_init: found hmac-md5 debug1: kex: server->client aes128-cbc hmac-md5 none
>debug2: mac_init: found hmac-md5
>debug1: kex: client->server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
>debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
>debug1: dh_gen_key: priv key bits set: 114/256
>debug1: bits set: 1028/2049
>debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
>debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
>debug1: Forcing accepting of host key for loopback/localhost.
>debug1: bits set: 1049/2049
>debug1: ssh_rsa_verify: signature correct
>debug1: kex_derive_keys
>debug1: newkeys: mode 1
>debug1: SSH2_MSG_NEWKEYS sent
>debug1: waiting for SSH2_MSG_NEWKEYS
>debug1: newkeys: mode 0
>debug1: SSH2_MSG_NEWKEYS received
>debug1: done: ssh_kex2.
>debug1: send SSH2_MSG_SERVICE_REQUEST
>debug1: service_accept: ssh-userauth
>debug1: got SSH2_MSG_SERVICE_ACCEPT
>debug1: authentications that can continue: publickey,password,keyboard-interactive
>debug3: start over, passed a different list publickey,password,keyboard-interactive
>debug3: preferred publickey,password,keyboard-interactive
>debug3: authmethod_lookup publickey
>debug3: remaining preferred: password,keyboard-interactive
>debug3: authmethod_is_enabled publickey
>debug1: next auth method to try is publickey
>debug1: try privkey: /home/user1/.ssh/identity
>debug3: no such identity: /home/user1/.ssh/identity
>debug1: try pubkey: /home/user1/.ssh/id_rsa
>debug3: send_pubkey_test
>debug2: we sent a publickey packet, wait for reply
>debug1: authentications that can continue: publickey,password,keyboard-interactive
>debug2: we did not send a packet, disable method
>debug3: authmethod_lookup password
>debug3: remaining preferred: keyboard-interactive
>debug3: authmethod_is_enabled password
>debug1: next auth method to try is password user1@localhost's password:
>debug2: packet_inject_ignore: current 59
>debug2: packet_inject_ignore: block 16 have 4 nb 4 mini 1 need 4
>debug2: we sent a password packet, wait for reply
>debug1: ssh-userauth2 successful: method password
>debug3: clear hostkey 0
>debug3: clear hostkey 1
>debug3: clear hostkey 2
>debug1: channel 0: new [client-session]
>debug1: channel_new: 0
>debug1: send channel open 0
>debug1: Entering interactive session.
>
>
>
>

Relevant Pages