trouble with passwdless

• Previous message: Drew Myers: "PuTTY to OpenSSH via Exceed"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: fil krohnengold <no@mail.thanks>
Date: Tue, 26 Mar 2002 20:24:09 GMT

openssh3.1p1 on solaris 2.6

two users - same machine - so same sshd_config, etc..

Both users did the following.

  cd .ssh
  rm *
  ssh-keygen -tdsa
  (no pass phrase)
  cat id_dsa.pub > authorized keys
  ssh 0 echo foo

one prompts for a password - the other does not. ssh -v follows:

  success: egg:~/.ssh> ssh -v 0 echo foo
  OpenSSH_3.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090603f
  debug1: Reading configuration data /usr/local/etc/ssh_config
  debug1: Rhosts Authentication disabled, originating port will not be trusted.
  debug1: restore_uid
  debug1: ssh_connect: getuid 774 geteuid 0 anon 1
  debug1: Connecting to 0 [0.0.0.0] port 22.
  debug1: temporarily_use_uid: 774/14 (e=0)
  debug1: restore_uid
  debug1: temporarily_use_uid: 774/14 (e=0)
  debug1: restore_uid
  debug1: Connection established.
  debug1: read PEM private key done: type DSA
  debug1: read PEM private key done: type RSA
  debug1: identity file /u3/fil/.ssh/identity type -1
  debug1: identity file /u3/fil/.ssh/id_rsa type -1
  debug1: identity file /u3/fil/.ssh/id_dsa type 2
  debug1: Remote protocol version 1.99, remote software version OpenSSH_3.1p1
  debug1: match: OpenSSH_3.1p1 pat OpenSSH*
  Enabling compatibility mode for protocol 2.0
  debug1: Local version string SSH-2.0-OpenSSH_3.1p1
  debug1: SSH2_MSG_KEXINIT sent
  debug1: SSH2_MSG_KEXINIT received
  debug1: kex: server->client aes128-cbc hmac-md5 none
  debug1: kex: client->server aes128-cbc hmac-md5 none
  debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
  debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
  debug1: dh_gen_key: priv key bits set: 128/256
  debug1: bits set: 1027/2049
  debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
  debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
  debug1: Host '0' is known and matches the RSA host key.
  debug1: Found key in /u3/fil/.ssh/known_hosts:1
  debug1: bits set: 1014/2049
  debug1: ssh_rsa_verify: signature correct
  debug1: kex_derive_keys
  debug1: newkeys: mode 1
  debug1: SSH2_MSG_NEWKEYS sent
  debug1: waiting for SSH2_MSG_NEWKEYS
  debug1: newkeys: mode 0
  debug1: SSH2_MSG_NEWKEYS received
  debug1: done: ssh_kex2.
  debug1: send SSH2_MSG_SERVICE_REQUEST
  debug1: service_accept: ssh-userauth
  debug1: got SSH2_MSG_SERVICE_ACCEPT
  debug1: authentications that can continue: publickey,password,keyboard-interactive
  debug1: next auth method to try is publickey
  debug1: try privkey: /u3/fil/.ssh/identity
  debug1: try privkey: /u3/fil/.ssh/id_rsa
  debug1: try pubkey: /u3/fil/.ssh/id_dsa
  debug1: input_userauth_pk_ok: pkalg ssh-dss blen 434 lastkey 109a00 hint 2
  debug1: read PEM private key done: type DSA
  debug1: ssh-userauth2 successful: method publickey
  debug1: channel 0: new [client-session]
  debug1: send channel open 0
  debug1: Entering interactive session.
  debug1: ssh_session2_setup: id 0
  debug1: Sending command: echo foo
  6m
  debug1: channel request 0: exec
  debug1: channel 0: open confirm rwindow 0 rmax 32768
  debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
  debug1: channel 0: rcvd eof
  debug1: channel 0: output open -> drain
  debug1: channel 0: rcvd close
  debug1: channel 0: close_read
  debug1: channel 0: input open -> closed
  foo
  debug1: channel 0: obuf empty
  debug1: channel 0: close_write
  debug1: channel 0: output drain -> closed
  debug1: channel 0: almost dead
  debug1: channel 0: gc: notify user
  debug1: channel 0: gc: user detached
  debug1: channel 0: send close
  debug1: channel 0: is dead
  debug1: channel 0: garbage collecting
  debug1: channel_free: channel 0: client-session, nchannels 1
  debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 0.1 seconds
  debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0
  debug1: Exit status 0
  egg:~/.ssh>

failed:

  bash$ ssh -v 0 echo foo
  OpenSSH_3.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090603f
  debug1: Reading configuration data /usr/local/etc/ssh_config
  debug1: Rhosts Authentication disabled, originating port will not be trusted.
  debug1: restore_uid
  debug1: ssh_connect: getuid 50503 geteuid 0 anon 1
  debug1: Connecting to 0 [0.0.0.0] port 22.
  debug1: temporarily_use_uid: 50503/1 (e=0)
  debug1: restore_uid
  debug1: temporarily_use_uid: 50503/1 (e=0)
  debug1: restore_uid
  debug1: Connection established.
  debug1: read PEM private key done: type DSA
  debug1: read PEM private key done: type RSA
  debug1: identity file /local/pkg/.ssh/identity type -1
  debug1: identity file /local/pkg/.ssh/id_rsa type -1
  debug1: identity file /local/pkg/.ssh/id_dsa type 2
  debug1: Remote protocol version 1.99, remote software version OpenSSH_3.1p1
  debug1: match: OpenSSH_3.1p1 pat OpenSSH*
  Enabling compatibility mode for protocol 2.0
  debug1: Local version string SSH-2.0-OpenSSH_3.1p1
  debug1: SSH2_MSG_KEXINIT sent
  debug1: SSH2_MSG_KEXINIT received
  debug1: kex: server->client aes128-cbc hmac-md5 none
  debug1: kex: client->server aes128-cbc hmac-md5 none
  debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
  debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
  debug1: dh_gen_key: priv key bits set: 130/256
  debug1: bits set: 1000/2049
  debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
  debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
  debug1: Host '0' is known and matches the RSA host key.
  debug1: Found key in /local/pkg/.ssh/known_hosts:1
  debug1: bits set: 1056/2049
  debug1: ssh_rsa_verify: signature correct
  debug1: kex_derive_keys
  debug1: newkeys: mode 1
  debug1: SSH2_MSG_NEWKEYS sent
  debug1: waiting for SSH2_MSG_NEWKEYS
  debug1: newkeys: mode 0
  debug1: SSH2_MSG_NEWKEYS received
  debug1: done: ssh_kex2.
  debug1: send SSH2_MSG_SERVICE_REQUEST
  debug1: service_accept: ssh-userauth
  debug1: got SSH2_MSG_SERVICE_ACCEPT
  debug1: authentications that can continue: publickey,password,keyboard-interactive
  debug1: next auth method to try is publickey
  debug1: try privkey: /local/pkg/.ssh/identity
  debug1: try privkey: /local/pkg/.ssh/id_rsa
  debug1: try pubkey: /local/pkg/.ssh/id_dsa
  debug1: authentications that can continue: publickey,password,keyboard-interactive
  debug1: next auth method to try is keyboard-interactive
  debug1: authentications that can continue: publickey,password,keyboard-interactive
  debug1: next auth method to try is password
  pkgdist@0's password:
  bash$

Whoda?

thx

-fil

• Next message: Dominik Weiß: "SSH Server under Windows"
• Previous message: Drew Myers: "PuTTY to OpenSSH via Exceed"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Trouble with ssh secure tunnel for VNC ... "work" using VNC through a ssh tunnel with port forwarding. ... on work and issuing the command 'vncviewer work:1' from home. ... debug1: Connections to local port 5902 forwarded to remote address work:5901 ... debug1: channel 2: new ... (comp.security.ssh) Re: Trouble using VNC thru a ssh tunnel ... "work" using VNC through a ssh tunnel with port forwarding. ... > debug1: fd 8 setting TCP_NODELAY ... > debug1: channel 2: obuf empty ... > on both machines for a short period of time, ... (comp.os.linux.security) X11 forwarding help ... I'm using ssh to do X11 forwarding over a gateway and it seems to work fine ... debug1: Rhosts Authentication disabled, ... debug3: check_host_in_hostfile: match line 5 ... debug1: channel 0: new ... (SSH) RE: X11 forwarding help ... Subject: X11 forwarding help ... debug1: Rhosts Authentication disabled, ... debug3: check_host_in_hostfile: match line 5 ... debug1: channel 0: new ... (SSH) Are remote pipes fixed in 3.5? ... > and ssh will never return. ... SSH2 will shut down the channel without telling the ... > remote side that stdout has closed. ... > debug1: channel request 0: exec ... (SSH)