From owner-freebsd-questions@FreeBSD.ORG Tue Nov 4 02:36:29 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5EF0E106574B for ; Tue, 4 Nov 2008 02:36:29 +0000 (UTC) (envelope-from jdc@koitsu.dyndns.org) Received: from QMTA05.emeryville.ca.mail.comcast.net (qmta05.emeryville.ca.mail.comcast.net [76.96.30.48]) by mx1.freebsd.org (Postfix) with ESMTP id ED4908FC12 for ; Tue, 4 Nov 2008 02:36:28 +0000 (UTC) (envelope-from jdc@koitsu.dyndns.org) Received: from OMTA10.emeryville.ca.mail.comcast.net ([76.96.30.28]) by QMTA05.emeryville.ca.mail.comcast.net with comcast id aqEM1a01L0cQ2SLA5qcUAp; Tue, 04 Nov 2008 02:36:28 +0000 Received: from koitsu.dyndns.org ([69.181.141.110]) by OMTA10.emeryville.ca.mail.comcast.net with comcast id aqbq1a00S2P6wsM8WqbqRz; Tue, 04 Nov 2008 02:35:51 +0000 X-Authority-Analysis: v=1.0 c=1 a=5m97uzuMlRgA:10 a=pcveRBxBSV8A:10 a=QycZ5dHgAAAA:8 a=UdH8zR-vUcdkwgTk9kYA:9 a=cbOjla392h2lLD69T5LOqZvO9D0A:4 a=EoioJ0NPDVgA:10 a=LY0hPdMaydYA:10 Received: by icarus.home.lan (Postfix, from userid 1000) id 62C32C9419; Mon, 3 Nov 2008 18:35:50 -0800 (PST) Date: Mon, 3 Nov 2008 18:35:50 -0800 From: Jeremy Chadwick To: Andrew Falanga Message-ID: <20081104023550.GA35893@icarus.home.lan> References: <200810311652.38230.af300wsm@gmail.com> <20081101014600.GA37453@chateau.d.lf> <200811031929.46308.af300wsm@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200811031929.46308.af300wsm@gmail.com> User-Agent: Mutt/1.5.18 (2008-05-17) Cc: freebsd-questions@freebsd.org Subject: Re: Authentication with SSH using public keys X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Nov 2008 02:36:29 -0000 On Mon, Nov 03, 2008 at 07:29:46PM -0700, Andrew Falanga wrote: > > > > > >debug1: Authentications that can continue: publickey,keyboard-interactive > > >debug1: Next authentication method: publickey > > >debug1: Trying private key: /home/andy/.ssh/identity > > >debug1: Offering public key: /home/andy/.ssh/id_rsa > > >debug2: we sent a publickey packet, wait for reply > > >debug1: Authentications that can continue: publickey,keyboard-interactive > > > > It seems OpenSSH (on your dad's box) hasn't recognized your private key, so > > how about checking permissions of ~/.ssh/authorized_keys and ~/.ssh on his > > box. Or how about enabling verbose logging on his box, using 'LogLevel' > > parameter in sshd_config. > > > > HTH > > Ashish Shukla > > > Following onto the e-mail I made before, apparently that little permissions > difference for the directory, .ssh, was the problem. Changing it to 644 has, > apparently, fixed the problem. Which doesn't make sense for two reasons: 1) Directories must have the execute bit set (644 lacks that), 2) ~/.ssh should be 700 for security reasons. -- | Jeremy Chadwick jdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB |