Bad passphrase with public key authentication



Hey everybody, 

I'm having the strangest error using ssh.

I'm setting up my server to use public key authentication.

I'm using my macbook as a client and my ubuntu server for the ssh server.

When at first I didn't succeed to make a connection I tried to connect from my server to my macbook.
Just to make sure I wasn't making any stupid mistakes.

Now when I tried to connect to my server from my macbook I just won't accept the password for my key.

I tried generating and using different keys. I used one without password, one with a simple password 'test'.

And still every time again the ssh server is complaining : "bad passphrase given, try again..." .
I'm 100% sure it isn't my macbook because I use a ssh key pair to logon my remote subversion
server also using a password for the keys.

Could any body help me I'm really desperate at this moment.

This is the sshd_config file from my server :

### Networking options ###
#standard port
Port 22
# Restrict to listen only ipv4 inet = IPv4, inet6 = IPv6 any = both
#AddressFamily inet

# Listen only to this interface
ListenAddress 192.168.1.50

# Only use protocol 2
Protocol 2

# Disable XForwarding
X11Forwarding no

# Disable TCPKeepAlive and use ClientAliveInterval instead to prevent TCP Spoofing attacks
TCPKeepAlive no
ClientAliveInterval 600
ClientAliveCountMax 3

### Networking options ###

### Key Configurations ###

# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key

#Privilege Separation is turned on for security
UsePrivilegeSeparation yes

# Use public key authentication
PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys2

# Disable black listed key usage (update your keys!)
PermitBlacklistedKeys no

#### Key Configuration ####

#### Authentication ####

# Whitelist allowed users
# AllowUsers user1 user2

# Two minutes to enter your key passphrase
LoginGraceTime 120

# No root login
PermitRootLogin yes

# Force permissions checks on keyfiles and directories
StrictModes yes

# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes

# similar for protocol version 2
HostbasedAuthentication no

# Don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
IgnoreUserKnownHosts yes

# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no

# Disable challenge and response auth. Unessisary when using keys
ChallengeResponseAuthentication yes

# Disable the use of passwords completly, only use public/private keys
PasswordAuthentication yes

# Using keys, no need for PAM. Also allows SSHD to be run as a non-root user
UsePAM no

# Don't use login(1)
UseLogin no

#### Authentication ####

#### Misc ####

# Logging
SyslogFacility AUTH
LogLevel DEBUG3

# Print the last time the user logged in
PrintLastLog yes
PrintMotd yes

MaxAuthTries 4

MaxStartups 10:30:60

# Display login banner
Banner /etc/issue.net

# Allow client to pass locale environment variables
AcceptEnv LANG LC_*

Subsystem sftp /usr/lib/openssh/sftp-server

#### Misc ####

Thanks a lot in advance.

Kind regards,

Niels Stevens


--- news://freenews.netfront.net/ - complaints: news@xxxxxxxxxxxx ---
.



Relevant Pages

  • Re: What doesnt lend itself to OO?
    ... >> proxy and instructs the server to constuct the real object. ... rather than client code. ... If 'clock' is instantiated in the server, ... > for the server interface at the OOA level. ...
    (comp.object)
  • Re: More Get-IPlayer Questions
    ... to use with mutt mail client. ... antinat - 0.90-4 - Antinat is a flexible SOCKS server and client ... protocol for Sybase or MS SQL Server. ... ifstat - 1.1-1 - InterFace STATistics Monitoring ...
    (uk.comp.os.linux)
  • This is going straight to the pool room
    ... or not the client has privilege to do what they're trying to do, ... The server environment is this: ... 3GL User action Routines that Tier3 will execute on your behalf during the ... Routine Name: USER_INIT ...
    (comp.os.vms)
  • [Full-Disclosure] R: Full-Disclosure Digest, Vol 3, Issue 42
    ... Full-Disclosure Digest, Vol 3, Issue 42 ... SD Server 4.0.70 Directory Traversal Bug ... Arkeia Network Backup Client Remote Access ...
    (Full-Disclosure)
  • Re: What doesnt lend itself to OO?
    ... > rather than client code. ... no way to do that without also touching the object with clock semantics ... will not encapsulate both clock semantics and network semantics. ... The server can do whatever it wants ...
    (comp.object)