Date: Fri, 1 Jun 2001 14:40:03 -0700 (PDT) From: Archie Cobbs <archie@packetdesign.com> To: freebsd-bugs@FreeBSD.org Subject: Re: bin/27821: can't do RSA login via ssh to root account Message-ID: <200106012140.f51Le3k07201@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR bin/27821; it has been noted by GNATS. From: Archie Cobbs <archie@packetdesign.com> To: Bill Fenner <fenner@research.att.com> Cc: freebsd-gnats-submit@freebsd.org Subject: Re: bin/27821: can't do RSA login via ssh to root account Date: Fri, 01 Jun 2001 14:33:11 -0700 Bill Fenner wrote: > I'm doing this with both RSA and DSA keys under stock FreeBSD 4.3 without > a problem. The RSA public key is in /root/.ssh/authorized_keys, the > DSA public key is in /root/.ssh/authorized_keys2, both my RSA and DSA > keys are loaded in my ssh-agent, and root logins "just work". Hmm.. it looks like the problem doesn't have to do with root anymore, instead ssh is trying to use my ${HOME}/.ssh/identity instead of the identity I've chosen for the agent via ssh-add.. e.g., here's a trace Notice below it's trying to use the 'archie@bubba.whistle.com' RSA identity instead of the one I specified (~archie/ambit/rsakey/ambitkey). I even tried using the '-i' flag.. The /etc/ssh/sshd_config file on the remote machine is the standard one with 'RSAAuthentication yes' in it. -Archie __________________________________________________________________________ Archie Cobbs * Packet Design * http://www.packetdesign.com bubba 118 eval `ssh-agent` Agent pid 61927 bubba 119 env|grep SSH SSH_AUTH_SOCK=/tmp/ssh-g47PGWOn/agent.61926 SSH_AGENT_PID=61927 bubba 120 ssh-add ~archie/ambit/rsakey/ambitkey Need passphrase for /home/archie/ambit/rsakey/ambitkey Enter passphrase for /home/archie/ambit/rsakey/ambitkey: Identity added: /home/archie/ambit/rsakey/ambitkey (/home/archie/ambit/rsakey/ambitkey) bubba 121 ssh-add -l 1024 31:ea:a7:af:40:dc:34:f5:84:78:df:46:2b:f1:a5:a2 /home/archie/ambit/rsakey/ambitkey bubba 122 ssh -v vernier@192.168.10.2 SSH Version OpenSSH_2.3.0 green@FreeBSD.org 20010321, protocol versions 1.5/2.0. Compiled with SSL (0x0090600f). debug: Reading configuration data /etc/ssh/ssh_config debug: ssh_connect: getuid 1000 geteuid 1000 anon 1 debug: Connecting to (null) [192.168.10.2] port 22. debug: Connection established. debug: Remote protocol version 1.99, remote software version OpenSSH_2.3.0 green@FreeBSD.org 20010321 debug: match: OpenSSH_2.3.0 green@FreeBSD.org 20010321 pat ^OpenSSH[-_]2\.3 debug: Local version string SSH-1.5-OpenSSH_2.3.0 green@FreeBSD.org 20010321 debug: Waiting for server public key. debug: Received server public key (768 bits) and host key (1024 bits). debug: Host '192.168.10.2' is known and matches the RSA host key. debug: Encryption type: 3des debug: Sent encrypted session key. debug: Installing crc compensation attack detector. debug: Received encrypted confirmation. debug: RSA authentication using agent refused. debug: Trying RSA authentication with key 'archie@bubba.whistle.com' debug: Server refused our key. debug: Doing password authentication. vernier@192.168.10.2's password: bubba 123 ssh -v -i /home/archie/ambit/rsakey/ambitkey vernier@192.168.10.2 SSH Version OpenSSH_2.3.0 green@FreeBSD.org 20010321, protocol versions 1.5/2.0. Compiled with SSL (0x0090600f). debug: Reading configuration data /etc/ssh/ssh_config debug: ssh_connect: getuid 1000 geteuid 1000 anon 1 debug: Connecting to (null) [192.168.10.2] port 22. debug: Connection established. debug: Remote protocol version 1.99, remote software version OpenSSH_2.3.0 green@FreeBSD.org 20010321 debug: match: OpenSSH_2.3.0 green@FreeBSD.org 20010321 pat ^OpenSSH[-_]2\.3 debug: Local version string SSH-1.5-OpenSSH_2.3.0 green@FreeBSD.org 20010321 debug: Waiting for server public key. debug: Received server public key (768 bits) and host key (1024 bits). debug: Host '192.168.10.2' is known and matches the RSA host key. debug: Encryption type: 3des debug: Sent encrypted session key. debug: Installing crc compensation attack detector. debug: Received encrypted confirmation. debug: RSA authentication using agent refused. debug: Bad key file /home/archie/ambit/rsakey/ambitkey. debug: Doing password authentication. vernier@192.168.10.2's password: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200106012140.f51Le3k07201>