From owner-freebsd-questions@freebsd.org  Sat Sep 14 12:36:55 2019
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 0FAC0F3639
 for <freebsd-questions@mailman.nyi.freebsd.org>;
 Sat, 14 Sep 2019 12:36:55 +0000 (UTC)
 (envelope-from aryeh.friedman@gmail.com)
Received: from mail-io1-xd2d.google.com (mail-io1-xd2d.google.com
 [IPv6:2607:f8b0:4864:20::d2d])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (2048 bits) client-digest SHA256)
 (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 46VsT22cdfz3QTX
 for <freebsd-questions@freebsd.org>; Sat, 14 Sep 2019 12:36:54 +0000 (UTC)
 (envelope-from aryeh.friedman@gmail.com)
Received: by mail-io1-xd2d.google.com with SMTP id b19so8618692iob.4
 for <freebsd-questions@freebsd.org>; Sat, 14 Sep 2019 05:36:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=mime-version:references:in-reply-to:from:date:message-id:subject:to
 :cc; bh=eVclFaZhKi9IgOOnrzh9UhmwK/lM7ztOa5Oc6fXsv5A=;
 b=DBWsXMViAed+xgmPYXaKEWfuxL5zHhs7ulkLkf1qly5Ml3e1FePVNM+jNtTHBXo+MT
 EgV9M1EFvYyDTCLvrnwn4AxLchlcrC2V9+QywMEsbvyVl8zIEpc56fzGaRedEHgf9OAB
 GgFvCZnczg4vFXRANyAyxPtb+sqX3+6J2+fSR58pqlU4XeUNy1TmRiM51D5hZ5UNi60o
 wuxIRYFjkvGZGhB1D53k5/SdQqqXID54/qS0gKCKDx2IeszIcNHM3Esixya3jpV/Jic9
 raIdbGSU+TAoRfh4jCf9MAM3TssVaz+JtQmCk+/jUMr7l7rqsELWQhK0iqY4bxbjd9Nz
 QdmA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:references:in-reply-to:from:date
 :message-id:subject:to:cc;
 bh=eVclFaZhKi9IgOOnrzh9UhmwK/lM7ztOa5Oc6fXsv5A=;
 b=feB2x/W9WyVqn4oqugRCFx9rrnFRABnIkFlsGV+U+f6IH2uP2vvLTvVPAPpEcT8qCg
 xt9CV+DqV1XOva8DFzmAPzDOOn8RRzgeuO/wz926lMEt2HAgI2wGcZFKR44gLDk9QU6p
 I3+dvZU/m2LJIdlCuLzhts8o7M77isDTGkwSxgCWO5LQZecEcUTQq6R+eATG14g3C8ma
 j3EDCUxkgUPP8QNK4Xad7lpLNbnB4oYvY42QVBZayfxEeEWt/bi2UcyG1gSPIhcHLaW2
 gZo44jvLJ66DGTVLPJ6C8MbPFRYMCkFERv5dF3RzdtnakFBT6X8Ny2S2dj/t/rgU45Y2
 bWag==
X-Gm-Message-State: APjAAAVF+isxPxAPYCEW6xA57KNrBeTf/MsBfsxV4nogObvjQYvGNK2K
 kL+fuub0ZE3c2N80v2sFIzIlOaD9NUJZDr+eR+s=
X-Google-Smtp-Source: APXvYqyqeSpoz0Pj+Wk/H5bteDTSMFzcJBYjMnOJVFcMMAo2Xf2qrij+Ayj/cO9ESrHqnSZu+/7FYB4UVTG2OTjK858=
X-Received: by 2002:a6b:ec16:: with SMTP id c22mr5705743ioh.185.1568464612982; 
 Sat, 14 Sep 2019 05:36:52 -0700 (PDT)
MIME-Version: 1.0
References: <CAGBxaXkVQNE6deyWs9JXh9vqmKz8tLc9HfqC8ZmBLrK2jv7p3A@mail.gmail.com>
 <5bd0de7e-cf45-36bc-f428-2db37e76b5b9@optusnet.com.au>
In-Reply-To: <5bd0de7e-cf45-36bc-f428-2db37e76b5b9@optusnet.com.au>
From: Aryeh Friedman <aryeh.friedman@gmail.com>
Date: Sat, 14 Sep 2019 08:36:41 -0400
Message-ID: <CAGBxaXn5u196cK_iSjMXLjvEBZe-bDjsJmYMjDspc-dOBJc=AQ@mail.gmail.com>
Subject: Re: OT: My ssh authorized_keys doesn't work with nfs/nis
To: MJ <mjose00@optusnet.com.au>
Cc: FreeBSD Mailing List <freebsd-questions@freebsd.org>
X-Rspamd-Queue-Id: 46VsT22cdfz3QTX
X-Spamd-Bar: --
Authentication-Results: mx1.freebsd.org;
 dkim=pass header.d=gmail.com header.s=20161025 header.b=DBWsXMVi;
 dmarc=pass (policy=none) header.from=gmail.com;
 spf=pass (mx1.freebsd.org: domain of aryehfriedman@gmail.com designates
 2607:f8b0:4864:20::d2d as permitted sender)
 smtp.mailfrom=aryehfriedman@gmail.com
X-Spamd-Result: default: False [-3.00 / 15.00];
 R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36];
 FREEMAIL_FROM(0.00)[gmail.com]; TO_DN_ALL(0.00)[];
 DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2];
 DMARC_POLICY_ALLOW(-0.50)[gmail.com,none];
 FREEMAIL_TO(0.00)[optusnet.com.au]; FROM_EQ_ENVFROM(0.00)[];
 IP_SCORE(0.00)[ip: (-6.20), ipnet: 2607:f8b0::/32(-2.70), asn: 15169(-2.24),
 country: US(-0.05)]; MIME_TRACE(0.00)[0:+,1:+,2:~];
 FREEMAIL_ENVFROM(0.00)[gmail.com];
 ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US];
 TAGGED_FROM(0.00)[];
 DWL_DNSWL_NONE(0.00)[gmail.com.dwl.dnswl.org : 127.0.5.0];
 ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0];
 R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[];
 NEURAL_HAM_LONG(-1.00)[-1.000,0];
 MIME_GOOD(-0.10)[multipart/alternative,text/plain];
 PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org];
 IP_SCORE_FREEMAIL(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[];
 RCVD_IN_DNSWL_NONE(0.00)[d.2.d.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.b.8.f.7.0.6.2.list.dnswl.org
 : 127.0.5.0]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]
Content-Type: text/plain; charset="UTF-8"
X-Content-Filtered-By: Mailman/MimeDel 2.1.29
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 14 Sep 2019 12:36:55 -0000

On Sat, Sep 14, 2019 at 8:21 AM MJ <mjose00@optusnet.com.au> wrote:

>
>
> On 14/09/2019 5:39 pm, Aryeh Friedman wrote:
> > My ~/.ssh/authorized_keys files works fine on a machine that is not in my
> > NIS domain but when I copy my id_rsa.pub (which is what I did to create
> the
> > non-NIS authorized_keys) to my NIS account and give it the same
> permissions
> > as the working machine it insists on asking for a password.
> >
> > ssh faraway (non-NIS machine)
> > does not ask for a password
> > but
> > ssh nearby (NIS machine) does
>
>
> Try ssh -vvv. See if that informs you more.
>

One the first things I tried (I spent hours on the before posting):

aryeh% ssh -vvv aryeh@timeless (aka "nearby")
OpenSSH_7.8p1, OpenSSL 1.1.1a-freebsd  20 Nov 2018
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: resolving "timeless.lan.fnwe.net" port 22
debug2: ssh_connect_direct
debug1: Connecting to timeless.lan.fnwe.net [192.168.11.102] port 22.
debug1: Connection established.
debug1: identity file /home/aryeh/.ssh/id_rsa type 0
debug1: identity file /home/aryeh/.ssh/id_rsa-cert type -1
debug1: identity file /home/aryeh/.ssh/id_dsa type -1
debug1: identity file /home/aryeh/.ssh/id_dsa-cert type -1
debug1: identity file /home/aryeh/.ssh/id_ecdsa type -1
debug1: identity file /home/aryeh/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/aryeh/.ssh/id_ed25519 type -1
debug1: identity file /home/aryeh/.ssh/id_ed25519-cert type -1
debug1: identity file /home/aryeh/.ssh/id_xmss type -1
debug1: identity file /home/aryeh/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.8 FreeBSD-20180909
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.5
FreeBSD-20170903
debug1: match: OpenSSH_7.5 FreeBSD-20170903 pat
OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7*
compat 0x04000002
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to timeless.lan.fnwe.net:22 as 'aryeh'
debug3: Fssh_hostkeys_foreach: reading file "/home/aryeh/.ssh/known_hosts"
debug3: Fssh_record_hostkey: found key type ECDSA in file
/home/aryeh/.ssh/known_hosts:1
debug3: Fssh_load_hostkeys: loaded 1 keys from timeless.lan.fnwe.net
debug3: order_hostkeyalgs: prefer hostkeyalgs:
ecdsa-sha2-nistp256-cert-v01@openssh.com,
ecdsa-sha2-nistp384-cert-v01@openssh.com,
ecdsa-sha2-nistp521-cert-v01@openssh.com
,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org
,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,
ecdsa-sha2-nistp384-cert-v01@openssh.com,
ecdsa-sha2-nistp521-cert-v01@openssh.com
,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,
rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com
,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: chacha20-poly1305@openssh.com
,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,
aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
debug2: ciphers stoc: chacha20-poly1305@openssh.com
,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,
aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,
hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,
hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com
,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,
hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,
hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com
,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org
,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
debug2: host key algorithms:
ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: chacha20-poly1305@openssh.com
,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,
aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
debug2: ciphers stoc: chacha20-poly1305@openssh.com
,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,
aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,
hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,
hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com
,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,
hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,
hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com
,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com
debug2: compression stoc: none,zlib@openssh.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC:
<implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC:
<implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ecdsa-sha2-nistp256
SHA256:p3BzCuoOHDdBRZTpU1pUBzm1ggZ54+xvOgQsqnBMIaw
debug3: verify_host_key_dns
DNS lookup error: general failure
debug3: Fssh_hostkeys_foreach: reading file "/home/aryeh/.ssh/known_hosts"
debug3: Fssh_record_hostkey: found key type ECDSA in file
/home/aryeh/.ssh/known_hosts:1
debug3: Fssh_load_hostkeys: loaded 1 keys from timeless.lan.fnwe.net
debug1: Host 'timeless.lan.fnwe.net' is known and matches the ECDSA host
key.
debug1: Found key in /home/aryeh/.ssh/known_hosts:1
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 134217728 blocks
debug2: key: /home/aryeh/.ssh/id_rsa (0x80308a000)
debug2: key: /home/aryeh/.ssh/id_dsa (0x0)
debug2: key: /home/aryeh/.ssh/id_ecdsa (0x0)
debug2: key: /home/aryeh/.ssh/id_ed25519 (0x0)
debug2: key: /home/aryeh/.ssh/id_xmss (0x0)
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: Fssh_kex_input_ext_info:
server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,keyboard-interactive
debug3: start over, passed a different list publickey,keyboard-interactive
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: RSA
SHA256:p0RVefXW440C9qPB6/k3XC5PONDCcsSgJ8YGWzIGnRM /home/aryeh/.ssh/id_rsa
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Trying private key: /home/aryeh/.ssh/id_dsa
debug3: no such identity: /home/aryeh/.ssh/id_dsa: No such file or directory
debug1: Trying private key: /home/aryeh/.ssh/id_ecdsa
debug3: no such identity: /home/aryeh/.ssh/id_ecdsa: No such file or
directory
debug1: Trying private key: /home/aryeh/.ssh/id_ed25519
debug3: no such identity: /home/aryeh/.ssh/id_ed25519: No such file or
directory
debug1: Trying private key: /home/aryeh/.ssh/id_xmss
debug3: no such identity: /home/aryeh/.ssh/id_xmss: No such file or
directory
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug3: send packet: type 50
debug2: we sent a keyboard-interactive packet, wait for reply
debug3: receive packet: type 60
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 1

and for faraway:

aryeh% ssh -vvv aryeh@faraway
OpenSSH_7.8p1, OpenSSL 1.1.1a-freebsd  20 Nov 2018
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: resolving "faraway" port 22
debug2: ssh_connect_direct
debug1: Connecting to faraway [xxx.xxx.xxx.xxx] port 22.
debug1: Connection established.
debug1: identity file /home/aryeh/.ssh/id_rsa type 0
debug1: identity file /home/aryeh/.ssh/id_rsa-cert type -1
debug1: identity file /home/aryeh/.ssh/id_dsa type -1
debug1: identity file /home/aryeh/.ssh/id_dsa-cert type -1
debug1: identity file /home/aryeh/.ssh/id_ecdsa type -1
debug1: identity file /home/aryeh/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/aryeh/.ssh/id_ed25519 type -1
debug1: identity file /home/aryeh/.ssh/id_ed25519-cert type -1
debug1: identity file /home/aryeh/.ssh/id_xmss type -1
debug1: identity file /home/aryeh/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.8 FreeBSD-20180909
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.5
FreeBSD-20170903
debug1: match: OpenSSH_7.5 FreeBSD-20170903 pat
OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7*
compat 0x04000002
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to faraway:22 as 'aryeh'
debug3: Fssh_hostkeys_foreach: reading file "/home/aryeh/.ssh/known_hosts"
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org
,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,
ecdsa-sha2-nistp384-cert-v01@openssh.com,
ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,
rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,
ssh-rsa-cert-v01@openssh.com
,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: chacha20-poly1305@openssh.com
,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,
aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
debug2: ciphers stoc: chacha20-poly1305@openssh.com
,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,
aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,
hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,
hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com
,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,
hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,
hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com
,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org
,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
debug2: host key algorithms:
ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: chacha20-poly1305@openssh.com
,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,
aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
debug2: ciphers stoc: chacha20-poly1305@openssh.com
,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,
aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,
hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,
hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com
,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,
hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,
hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com
,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com
debug2: compression stoc: none,zlib@openssh.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC:
<implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC:
<implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ecdsa-sha2-nistp256
SHA256:X1gmK2fPzWSRMyxyY5aul0KdVjFGBWhSndOF6YJ5eL0
debug3: verify_host_key_dns
DNS lookup error: general failure
debug3: Fssh_hostkeys_foreach: reading file "/home/aryeh/.ssh/known_hosts"
The authenticity of host 'faraway (xxx.xxx.xxx.xxx)' can't be established.
ECDSA key fingerprint is SHA256:X1gmK2fPzWSRMyxyY5aul0KdVjFGBWhSndOF6YJ5eL0.
No matching host key fingerprint found in DNS.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'faraway' (ECDSA) to the list of known hosts.
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 134217728 blocks
debug2: key: /home/aryeh/.ssh/id_rsa (0x80308a000)
debug2: key: /home/aryeh/.ssh/id_dsa (0x0)
debug2: key: /home/aryeh/.ssh/id_ecdsa (0x0)
debug2: key: /home/aryeh/.ssh/id_ed25519 (0x0)
debug2: key: /home/aryeh/.ssh/id_xmss (0x0)
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: Fssh_kex_input_ext_info:
server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,keyboard-interactive
debug3: start over, passed a different list publickey,keyboard-interactive
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: RSA
SHA256:p0RVefXW440C9qPB6/k3XC5PONDCcsSgJ8YGWzIGnRM /home/aryeh/.ssh/id_rsa
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 60
debug1: Server accepts key: pkalg rsa-sha2-512 blen 279
debug2: input_userauth_pk_ok: fp
SHA256:p0RVefXW440C9qPB6/k3XC5PONDCcsSgJ8YGWzIGnRM
debug3: sign_and_send_pubkey: RSA
SHA256:p0RVefXW440C9qPB6/k3XC5PONDCcsSgJ8YGWzIGnRM
debug3: sign_and_send_pubkey: signing using rsa-sha2-512
debug3: send packet: type 50
debug3: receive packet: type 52
debug1: Authentication succeeded (publickey).
Authenticated to faraway ([xxx.xxx.xxx.xxx]:22).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug3: send packet: type 90
debug1: Requesting no-more-sessions@openssh.com
debug3: send packet: type 80
debug1: Entering interactive session.
debug1: pledge: network
debug3: receive packet: type 80
debug1: client_input_global_request: rtype hostkeys-00@openssh.com
want_reply 0
debug3: receive packet: type 91
debug2: Fssh_channel_input_open_confirmation: channel 0: callback start
debug2: fd 3 setting TCP_NODELAY
debug3: Fssh_ssh_packet_set_tos: set IP_TOS 0x48
debug2: client_session2_setup: id 0
debug2: channel 0: request pty-req confirm 1
debug3: send packet: type 98
debug2: channel 0: request shell confirm 1
debug3: send packet: type 98
debug2: Fssh_channel_input_open_confirmation: channel 0: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug3: receive packet: type 99
debug2: Fssh_channel_input_status_confirm: type 99 id 0
debug2: PTY allocation request accepted on channel 0
debug2: channel 0: rcvd adjust 2097152
debug3: receive packet: type 99
debug2: Fssh_channel_input_status_confirm: type 99 id 0
debug2: shell request accepted on channel 0

-- 
Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org