Re: Authentication with SSH using public keys



On Fri, Oct 31, 2008 at 6:46 PM, आशीष शुक्ल Ashish Shukla
<wahjava.ml@xxxxxxxxx> wrote:
In <200810311652.38230.af300wsm@xxxxxxxxx>, Andrew Falanga wrote:

Hi,

My father recently setup a new 7.0-Release system for some web
development. I use ssh to login remotely. I've normally not had any
trouble configuring authentication through public key encryption using
ssh-keygen and such. I have for myself a id_rsa.pub and an id_rsa key pair
that I use for this purpose.

Normally, I just copy, via scp, the file id_rsa.pub to my
~/.ssh/authorized_keys file on the remote host and the next time I attempt a
login all is well. That is, I don't have to enter my password. However, on
my Dad's new machine, this isn't the case. I still have to enter the
password.

Now, I've looked through his /etc/ssh/sshd_config file and nothing in
there looks odd, or different, from other remote hosts I do this on. So,
I'm embedding a copy/paste of an ssh login session on my father's host using
-v -v to ssh:

[/usr/home/andy/MCH]
-> ssh -v -v malumgat

[...]

debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /home/andy/.ssh/identity
debug1: Offering public key: /home/andy/.ssh/id_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,keyboard-interactive

It seems OpenSSH (on your dad's box) hasn't recognized your private key, so
how about checking permissions of ~/.ssh/authorized_keys and ~/.ssh on his
box. Or how about enabling verbose logging on his box, using 'LogLevel'
parameter in sshd_config.

HTH
Ashish Shukla

The permissions on the machine where it works:
[www:/home/afalanga]
-> ls -la .ssh/
total 6
drwxr-xr-x 2 afalanga staff 512 Sep 28 03:33 .
drwxr-xr-x 3 afalanga staff 512 Oct 29 08:31 ..
-rw-r--r-- 1 afalanga staff 393 Sep 28 03:33 authorized_keys

The permissions on the machine where it doesn't work:
[andy@mch ~]$ ls -la .ssh/
total 6
drwxrwxr-x 2 andy wheel 512 Oct 10 04:30 .
drwxr-xr-x 4 andy wheel 512 Oct 31 06:30 ..
-rw-r--r-- 1 andy wheel 393 Oct 28 10:01 authorized_keys

I see a difference in that the directory on the machine where it
doesn't work is writable to the group, but on the machine where it
does work the directory isn't writable. Other than that, the
permissions don't look different, do they?

Andy
_______________________________________________
freebsd-questions@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@xxxxxxxxxxx"

Relevant Pages

  • Re: Authentication with SSH using public keys
    ... I use ssh to login remotely. ... Normally, I just copy, via scp, the file id_rsa.pub to my ~/.ssh/authorized_keys file on the remote host and the next time I attempt a login all is well. ... Now, I've looked through his /etc/ssh/sshd_config file and nothing in there looks odd, or different, from other remote hosts I do this on. ...
    (freebsd-questions)
  • Re: Remote login, graphically?
    ... I have installed Ubuntu on my mother's machine. ... I have tunneled X through SSH with: ... Also, I'd like to start "from scratch" and login to her machine via GDM, ... In Gnome there is an option, Remote access (or ...
    (Ubuntu)
  • Re: restrict ssh access
    ... > We have one ssh server which receives about 6000 failed attempts to ... > unsuccessful login attempts per client IP address? ... the remote server is also running OpenSSH. ...
    (comp.security.ssh)
  • Re: ssh to remote machine with user login problem
    ... > machine.When i login as root ssh to remote machoine will work without ... You need to copy the 'authorized_keys' file from the ssh directory of the root ...
    (Debian-User)
  • Re: Sharepoint and VPN
    ... over a WAN http://fqdn:444 but a login is required. ... VPN, remote desktop to the server when needed, and map shared folders. ... Can someone help me understand how permissions should be configured in ...
    (microsoft.public.windows.server.sbs)