From owner-freebsd-questions@FreeBSD.ORG Thu Feb 2 00:05:01 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3D65216A420 for ; Thu, 2 Feb 2006 00:05:01 +0000 (GMT) (envelope-from ldrada@gmail.com) Received: from nproxy.gmail.com (nproxy.gmail.com [64.233.182.196]) by mx1.FreeBSD.org (Postfix) with ESMTP id BFC3643D70 for ; Thu, 2 Feb 2006 00:04:54 +0000 (GMT) (envelope-from ldrada@gmail.com) Received: by nproxy.gmail.com with SMTP id m18so11620nfc for ; Wed, 01 Feb 2006 16:04:20 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=TJ17fffRJ4YQEwAksQWj29R/ija3yx628xWawDdyK5bNyLdgkvSs4Hk2VK8edc7KtXb1gp20UqXrFgews82/1QRmm9BCRvtwBtL9/GpUYOn3SDBuniU+b0aVAytrL4lNyAAfpJAEhv/VZXh5Ea07IKbFX0uLwBXdNwEhHfAjBcU= Received: by 10.48.220.3 with SMTP id s3mr30091nfg; Wed, 01 Feb 2006 16:04:20 -0800 (PST) Received: by 10.48.108.10 with HTTP; Wed, 1 Feb 2006 16:04:19 -0800 (PST) Message-ID: <5ceb5d550602011604p45bf08dfx21e972f44736f879@mail.gmail.com> Date: Thu, 2 Feb 2006 01:04:19 +0100 From: "Daniel A." To: david bryce In-Reply-To: <1138836616.370.253326484@webmail.messagingengine.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline References: <1138676399.30955.253148220@webmail.messagingengine.com> <20060131094135.GA2042@flame.pc> <1138836616.370.253326484@webmail.messagingengine.com> Cc: Giorgos Keramidas , freebsd-questions@freebsd.org Subject: Re: SSH with Public Key Authentication (Was: Re: Attention: Giorgos Keramidas (Was: CVS Import Permissions)) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Feb 2006 00:05:01 -0000 Try one or more of the following things: - Use puttygen to import your private key, and then export as .ppk - Load your key.ppk into pageant, and let it manage your private key(s) - Log in using your private key from the server (ie. login to the server with your password, and then from the shell ssh username@localhost). Please inform me of your results. On 2/2/06, david bryce wrote: > On Tue, 31 Jan 2006 11:41:35 +0200, "Giorgos Keramidas" > said: > > > Giorgos, > > > > > > Thanks very much for replying! I wasn't aware of this environment > > > variable (even though I spent quite a while on this problem). Using > > > CVSUMASK certainly works when working on the server machine! > > > > > > We are currently using a pserver installation, with developers using > > > windows machines. We need a way to achieve the same effect with a use= r on > > > a windows machine doing an import. Do you have any idea how this can = be > > > done? Thank you! > > > > I'm not sure. I know that the setting of CVSUMASK on the server machin= e > > works if you use SSH tunneling though. If it's not too much trouble, y= ou > > can set up SSH-based authentication instead of :pserver: and make sure > > the > > .bashrc or .cshrc of the developers on the server machine sets CVSUMASK > > correctly. > > > > SSH-tunneled CVS is what the FreeBSD project uses in the official CVS > > repository, so I guess this setup works as expected :) > > Giorgos, > > Thanks again for taking the time to reply. I have tried using SSH in > the past, and got stuck setting up the public key login (that's > why we're using pserver). > > I spent a few hours yesterday trying to get SSH going again. I can > login with SSH from the windows machine using Putty, but only when > I use password authentication. In order to use cvs with ssh (using > the plink program in Putty), we must use public key authentication. > > We are getting a 'Key Refused' error when trying to use public key > authentication. I have tried doing several things including editing > the /etc/ssh/sshd_config file: > > PubkeyAuthentication yes > AuthorizedKeysFile .ssh/authorized_keys > > We also had to make these changes in order to get password based > ssh to work: > > UsePAM no > PermitRootLogin yes > > We also tried putting the public key into various files: > .ssh/authorized_keys > .ssh/authorized_keys2 > .ssh2/authorized_keys > .ssh2/authorized_keys2 > > (and made sure they are not group/world writable. The keys are > SSH2 DSA 1024 bits) > > I tried looking in the /var/log/auth.log file, and what I'm seeing > is: > > Feb 2 10:19:26 mail1 sshd2[15343]: connection from "xxx.xx.xxx.x" > Feb 2 10:19:26 mail1 sshd2[15344]: WARNING: DNS lookup failed for > "xxx.xx.xxx.\ > x". > Feb 2 10:19:29 mail1 sshd2[15344]: Local disconnected: Connection > closed. > Feb 2 10:19:29 mail1 sshd2[15344]: connection lost: 'Connection > closed.' > > (I set "LogLevel DEBUG3" in sshd_config. I don't think the DNS > error is relevant, because password based ssh is working. But > I could wrong. What do you think?) > > Do you have any idea where I can look to find out why the key is > being refused? Are there any other logfiles other than auth.log > that could give a clue to what's going wrong? Thanks! > > Regards, > > DB > -- > david bryce > davidbryce@fastmail.fm > > -- > http://www.fastmail.fm - A fast, anti-spam email service. > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.o= rg" >