1 |
Hi All, |
2 |
|
3 |
For some reason my Gentoo rsa public key is not liked by 3.9p1-11.el4_7 sshd, |
4 |
which is running on a CentOS server. On the Gentoo machine I am running |
5 |
net-misc/openssh-5.1_p1-r1. This is what it shows: |
6 |
=================================================== |
7 |
debug1: fd 3 clearing O_NONBLOCK |
8 |
debug1: Connection established. |
9 |
debug3: timeout: 14835 ms remain after connect |
10 |
debug3: Not a RSA1 key file /home/michael/.ssh/id_rsa. |
11 |
debug2: key_type_from_name: unknown key type '-----BEGIN' |
12 |
debug3: key_read: missing keytype |
13 |
debug2: key_type_from_name: unknown key type 'Proc-Type:' |
14 |
debug3: key_read: missing keytype |
15 |
debug2: key_type_from_name: unknown key type 'DEK-Info:' |
16 |
debug3: key_read: missing keytype |
17 |
debug3: key_read: missing whitespace |
18 |
debug3: key_read: missing whitespace |
19 |
debug3: key_read: missing whitespace |
20 |
debug3: key_read: missing whitespace |
21 |
debug3: key_read: missing whitespace |
22 |
debug3: key_read: missing whitespace |
23 |
debug3: key_read: missing whitespace |
24 |
debug3: key_read: missing whitespace |
25 |
debug3: key_read: missing whitespace |
26 |
debug3: key_read: missing whitespace |
27 |
debug3: key_read: missing whitespace |
28 |
debug3: key_read: missing whitespace |
29 |
debug3: key_read: missing whitespace |
30 |
debug3: key_read: missing whitespace |
31 |
debug3: key_read: missing whitespace |
32 |
debug3: key_read: missing whitespace |
33 |
debug3: key_read: missing whitespace |
34 |
debug3: key_read: missing whitespace |
35 |
debug3: key_read: missing whitespace |
36 |
debug3: key_read: missing whitespace |
37 |
debug3: key_read: missing whitespace |
38 |
debug3: key_read: missing whitespace |
39 |
debug3: key_read: missing whitespace |
40 |
debug3: key_read: missing whitespace |
41 |
debug3: key_read: missing whitespace |
42 |
debug2: key_type_from_name: unknown key type '-----END' |
43 |
debug3: key_read: missing keytype |
44 |
debug1: identity file /home/michael/.ssh/id_rsa type 1 |
45 |
debug1: Remote protocol version 2.0, remote software version OpenSSH_3.9p1 |
46 |
debug1: match: OpenSSH_3.9p1 pat OpenSSH_3.* |
47 |
debug1: Remote is NON-HPN aware |
48 |
debug1: Enabling compatibility mode for protocol 2.0 |
49 |
debug1: Local version string SSH-2.0-OpenSSH_5.1p1-hpn13v5 |
50 |
.... |
51 |
debug3: check_host_in_hostfile: filename /home/michael/.ssh/known_hosts |
52 |
debug3: check_host_in_hostfile: match line 17 |
53 |
debug1: Host '[XXXXXXXXXX]:22' is known and matches the RSA host key. |
54 |
debug1: Found key in /home/michael/.ssh/known_hosts:17 |
55 |
debug2: bits set: 496/1024 |
56 |
debug1: ssh_rsa_verify: signature correct |
57 |
debug2: kex_derive_keys |
58 |
debug2: set_newkeys: mode 1 |
59 |
debug1: Enabling compression at level 6. |
60 |
debug1: SSH2_MSG_NEWKEYS sent |
61 |
debug1: expecting SSH2_MSG_NEWKEYS |
62 |
debug2: set_newkeys: mode 0 |
63 |
debug1: SSH2_MSG_NEWKEYS received |
64 |
debug1: SSH2_MSG_SERVICE_REQUEST sent |
65 |
debug2: service_accept: ssh-userauth |
66 |
debug1: SSH2_MSG_SERVICE_ACCEPT received |
67 |
debug2: key: /home/michael/.ssh/id_rsa (XXXXXXXX) |
68 |
debug1: Authentications that can continue: |
69 |
publickey,gssapi-with-mic,password,keyboard-interactive |
70 |
debug3: start over, passed a different list |
71 |
publickey,gssapi-with-mic,password,keyboard-interactive |
72 |
debug3: preferred publickey |
73 |
debug3: authmethod_lookup publickey |
74 |
debug3: remaining preferred: |
75 |
debug1: No more authentication methods to try. |
76 |
Permission denied (publickey,gssapi-with-mic,password,keyboard-interactive). |
77 |
=================================================== |
78 |
|
79 |
The above response and bail out without authenticating happens when I pass the |
80 |
option: |
81 |
|
82 |
-o PreferredAuthentications=publickey |
83 |
|
84 |
Otherwise, it goes through the above responses and then asks for the user's |
85 |
passwd. I have had no problems to date using pubkey on other Gentoo, Ubuntu |
86 |
and FreeBSD machines. Can you see anything that makes sense in the above |
87 |
CentOS response? Is there a fix? |
88 |
-- |
89 |
Regards, |
90 |
Mick |