Re: ssh can't connect localhost?
From: hushui (hushui110@sohu.com)Date: 05/29/02
- Next message: Andreas Donath: "OpenSSH 3.2.3p1 and AFS-Tokenpassing"
- Previous message: Atro Tossavainen: "Re: [Re]How to restrict the ssh version banner ?"
- In reply to: hushui: "Re: ssh can't connect localhost?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: hushui110@sohu.com (hushui) Date: 29 May 2002 06:50:25 -0700
I am sorry the former problem is generated because of a mistake in
file of ssh_config . But since I star sshd with tcpd ,I don't see the
debug information.
Now ,come to the corrent problem.
I'd like to make my problem more clearly .
System : readhat 6.22 ,kernel 2.2.14
Openssh : OpenSSH_3.2.2p1, SSH protocols 1.5/2.0, OpenSSL 0x0090603f
I have generate all keys ,rsa1(only used with ssh1??), rsa and dsa.
[hushui@hushui .ssh]$ ll
total 4
-rw-r--r-- 1 hushui bin 603 May 29 05:16
authorized_keys
-rw------- 1 hushui bin 736 May 29 05:07 id_dsa
-rw-r--r-- 1 hushui bin 603 May 29 05:07 id_dsa.pub
-rw-r--r-- 1 hushui bin 1093 May 29 05:32 known_hosts
[hushui@hushui .ssh]$ ssh -v hushui
OpenSSH_3.2.2p1, SSH protocols 1.5/2.0, OpenSSL 0x0090603f
debug1: Reading configuration data /usr/local/etc/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be
trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 500 geteuid 0 anon 1
debug1: Connecting to hushui [127.0.0.1] port 22.
debug1: temporarily_use_uid: 500/1 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 500/1 (e=0)
debug1: restore_uid
debug1: Connection established.
debug1: read PEM private key done: type DSA
debug1: read PEM private key done: type RSA
debug1: identity file /home/hushui/.ssh/identity type -1
debug1: identity file /home/hushui/.ssh/id_rsa type -1
debug1: identity file /home/hushui/.ssh/id_dsa type 2
debug1: Remote protocol version 1.99, remote software version
OpenSSH_3.2.2p1
debug1: match: OpenSSH_3.2.2p1 pat OpenSSH*
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.2.2p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 138/256
debug1: bits set: 1590/3191
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'hushui' is known and matches the RSA host key.
debug1: Found key in /home/hushui/.ssh/known_hosts:3
debug1: bits set: 1657/3191
debug1: ssh_rsa_verify: signature correct
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue:
publickey,password,keyboard-interactive
debug1: next auth method to try is publickey
debug1: try privkey: /home/hushui/.ssh/identity
debug1: try privkey: /home/hushui/.ssh/id_rsa
debug1: try pubkey: /home/hushui/.ssh/id_dsa
debug1: authentications that can continue:
publickey,password,keyboard-interactive
debug1: next auth method to try is keyboard-interactive
debug1: authentications that can continue:
publickey,password,keyboard-interactive
debug1: next auth method to try is password
hushui@hushui's password:
....
debug1: no more auth methods to try
Permission denied (publickey,password,keyboard-interactive).
debug1: Calling cleanup 0x80601a4(0x0)
[hushui@hushui .ssh]$
This time I failed . But when I copy
[hushui@hushui .ssh]$ ssh -v hushui
OpenSSH_3.2.2p1, SSH protocols 1.5/2.0, OpenSSL 0x0090603f
debug1: Reading configuration data /usr/local/etc/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be
trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 500 geteuid 0 anon 1
debug1: Connecting to hushui [127.0.0.1] port 22.
debug1: temporarily_use_uid: 500/1 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 500/1 (e=0)
debug1: restore_uid
debug1: Connection established.
debug1: read PEM private key done: type DSA
debug1: read PEM private key done: type RSA
debug1: identity file /home/hushui/.ssh/identity type -1
debug1: identity file /home/hushui/.ssh/id_rsa type -1
debug1: identity file /home/hushui/.ssh/id_dsa type 2
debug1: Remote protocol version 1.99, remote software version
OpenSSH_3.2.2p1
debug1: match: OpenSSH_3.2.2p1 pat OpenSSH*
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.2.2p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 138/256
debug1: bits set: 1590/3191
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'hushui' is known and matches the RSA host key.
debug1: Found key in /home/hushui/.ssh/known_hosts:3
debug1: bits set: 1657/3191
debug1: ssh_rsa_verify: signature correct
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue:
publickey,password,keyboard-interactive
debug1: next auth method to try is publickey
debug1: try privkey: /home/hushui/.ssh/identity
debug1: try privkey: /home/hushui/.ssh/id_rsa
debug1: try pubkey: /home/hushui/.ssh/id_dsa
debug1: authentications that can continue:
publickey,password,keyboard-interactive
debug1: next auth method to try is keyboard-interactive
debug1: authentications that can continue:
publickey,password,keyboard-interactive
debug1: next auth method to try is password
hushui@hushui's password:
debug1: authentications that can continue:
publickey,password,keyboard-interactive
Permission denied, please try again.
hushui@hushui's password:
debug1: authentications that can continue:
publickey,password,keyboard-interactive
Permission denied, please try again.
hushui@hushui's password:
debug1: authentications that can continue:
publickey,password,keyboard-interactive
debug1: no more auth methods to try
Permission denied (publickey,password,keyboard-interactive).
debug1: Calling cleanup 0x80601a4(0x0)
[hushui@hushui .ssh]$ cp id_dsa.pub authorized_keys
[hushui@hushui .ssh]$ ssh -v hushui
OpenSSH_3.2.2p1, SSH protocols 1.5/2.0, OpenSSL 0x0090603f
......................
debug1: input_userauth_pk_ok: pkalg ssh-dss blen 433 lastkey 0x80fb160
hint 2
debug1: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
Enter passphrase for key '/home/hushui/.ssh/id_dsa':<there I unter the
password>
debug1: read PEM private key done: type DSA
debug1: ssh-userauth2 successful: method publickey
debug1: channel 0: new [client-session]
debug1: send channel open 0
debug1: Entering interactive session.
debug1: ssh_session2_setup: id 0
debug1: channel request 0: pty-req
debug1: channel request 0: shell
debug1: fd 3 setting TCP_NODELAY
debug1: channel 0: open confirm rwindow 0 rmax 32768
Last login: Wed May 29 05:43:57 2002 from hushui.
......... login in ok
It seems strange. I have checked the manual of "ssh"
..........
The user should then copy the identity.pub to
$HOME/.ssh/authorized_keys in his/her home directory on the remote
machine .After this, the user can log in without giving the password.
RSA authentication is much more secure than rhosts authentication.
...........
Does we must create authorized_keys when use SSH2 ??
And it is used for logining without type passowd only to SSH1
protocol??
BTW , I can't login in using rsa(SSH1) after I create keys using
"ssh-keygen -t rsa" . How to do with it ?? The most important thing
is that I want to login my machinery with SecurityCRT in windows.
Still this always says "password authentication faild" .
Can anyone help me ?
- Next message: Andreas Donath: "OpenSSH 3.2.3p1 and AFS-Tokenpassing"
- Previous message: Atro Tossavainen: "Re: [Re]How to restrict the ssh version banner ?"
- In reply to: hushui: "Re: ssh can't connect localhost?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
