Public Key Authentication Fails

From: Robin Strahan (noprobsucd_at_hotmail.com)
Date: 10/26/04

• Next message: dennis: "Re: agent forwarding hop limit"
• Previous message: bagdad: "Re: secure-tunnel.com status?"
• Next in thread: Darren Tucker: "Re: Public Key Authentication Fails"
• Reply: Darren Tucker: "Re: Public Key Authentication Fails"
• Reply: Bjørn Augestad: "Re: Public Key Authentication Fails"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 26 Oct 2004 11:43:31 +0100

Hey NG,

I'm trying to get public key authentication (password less) to work, but I'm
having no luck. I've followed all the guides I can find and it still won't
work. I'm sure I'm missing just one small thing but I jsut can't see it.
Hopefully someone here can.

So here's my setup: (Excuse the length, I want to give as much info as I
can)

Remote server:
Win2K SP4
Cygwin (Version 1.5.11)
OpenSSH (downloaded via Cygwin installer. Version OpenSSH_3.9p1, OpenSSL
0.9.7d 17 Mar 2004)
sshd is run as a service using "cygrunsrv sshd".

In ssh_config I uncommented the line IdentityFile ~/.ssh/id_rsa
In sshd_config:
    StrictModes No
    PubkeyAuthenication yes
    AuthorizedKeyFile .ssh/authorized_keys
are all uncommented.

Local Client
Win XP SP2
Cygwin (Version 1.5.11)
OpenSSH (downloaded via Cygwin installer. Version OpenSSH_3.9p1, OpenSSL
0.9.7d 17 Mar 2004)

local user is different from remote user.

'ssh remoteuser@remotemachine' works if I enter a password.

Here are the steps I've taken to generate the public and private keys:

On local machine
1) ssh-keygen -t rsa
2) default name and no passphrase used.
3) chmod id_rsa to 600 and id_rsa.pub to 640
4) scp ~/.ssh/id_rsa.pub remoteuser@remotemachine:.ssh/

On remote machine
1) cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
2) chmod authorized keys to 600

But when I logout and then try to log back in I still get asked for my
password. Here is the output of the verbose login attempt.

OpenSSH_3.9p1, OpenSSL 0.9.7d 17 Mar 2004
debug1: Connecting to remotemachine [x.x.x.x] port 22.
debug1: Connection established.
debug1: identity file /home/local user/.ssh/identity type -1
debug1: identity file /home/local user/.ssh/id_rsa type 1
debug1: identity file /home/local user/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.9p1
debug1: match: OpenSSH_3.9p1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.9p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'remotemachine' is known and matches the RSA host key.
debug1: Found key in /home/local user/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue:
publickey,password,keyboard-interacti
ve
debug1: Next authentication method: publickey
debug1: Trying private key: /home/local user/.ssh/identity
debug1: Offering public key: /home/local user/.ssh/id_rsa
debug1: Authentications that can continue:
publickey,password,keyboard-interacti
ve
debug1: Trying private key: /home/local user/.ssh/id_dsa
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue:
publickey,password,keyboard-interacti
ve
debug1: Next authentication method: password
remotesuer@remotemachine's password:

And thats it! I'm stuck!
I tried the putty method outlined in
http://groups.google.ie/groups?hl=en&lr=&safe=off&selm=fa.ctsn31h.n3e7jl%40ifi.uio.no
but that also failed to work.

Can anyone shed some light on the subject?

thanks in advance for you help
Robin

• Next message: dennis: "Re: agent forwarding hop limit"
• Previous message: bagdad: "Re: secure-tunnel.com status?"
• Next in thread: Darren Tucker: "Re: Public Key Authentication Fails"
• Reply: Darren Tucker: "Re: Public Key Authentication Fails"
• Reply: Bjørn Augestad: "Re: Public Key Authentication Fails"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: ssh on AIX 4.3.3 ... debug1: Next authentication method: publickey ... debug1: Next authentication method: keyboard-interactive ... ownerships and permissions on the remote server. ... (comp.unix.aix) OpenSSH 3.51p1 X11 forwarding problem a new time ... Running OpenSSH 3.51p1 server and client on solaris 8. ... I have no account on the server but I am authenticate by the LDAP ... X11 connection rejected because of wrong authentication. ... debug1: Rhosts Authentication disabled, ... (comp.security.ssh) Re: SSH from windows to linux using public key authentication ... Linux Linux wrote: ... public key authentication. ... I have copied exact same public key to my Prolinux and it's not working. ... debug1: Next authentication method: publickey ... (RedHat) Re: ssh client problem ... authentication method he does not want to use. ... >debug1: Connection established. ... >debug2: we did not send a packet, ... we sent a password packet, ... (comp.os.linux.misc) Re: pubkey authentication problem ... The RSA client key generated by F-Secure ... But the key still doesn't work for authentication. ... debug1: done: KEX2. ... userauth-request for user schmidt service ssh-connection ... (comp.security.ssh)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint