Date: Thu, 28 Oct 2010 22:13:12 +0100 From: krad <kraduk@gmail.com> To: Peter Harrison <peter.piggybox@virgin.net> Cc: questions@freebsd.org Subject: Re: ssh key authentication problem... Message-ID: <AANLkTinZR3F0GwATLHw7RCb6XzVETKT8VBd_oh-Q%2BdaY@mail.gmail.com> In-Reply-To: <20101028193953.GA6922@laptop.piggybox> References: <20101028193953.GA6922@laptop.piggybox>
next in thread | previous in thread | raw e-mail | index | archive | help
On 28 October 2010 20:39, Peter Harrison <peter.piggybox@virgin.net> wrote: > Can anyone help me debug an ssh key-based authentication problem? > > I have an 8.1-R server running sshd, with one user account. On the server, > I've used ssh-keygen to generate id_rsa and id_rsa.pub. > > On my laptop I then pulled the id_rsa.pub file over and: > > % cat id_rsa.pub >> .ssh/authorized_keys > > Now I try to login from the laptop (also 8.1-R) to the server. It pauses > for a second and presents me with a 'Password:' prompt, so obviously the key > authentication isn't working. > > He's a debugging chunk from sshd run with '-ddd' flags: > > debug1: PAM: initializing for "peter" > debug1: userauth-request for user peter service ssh-connection method > publickey > debug1: attempt 1 failures 0 > debug2: input_userauth_request: try method publickey > debug1: test whether pkalg/pkblob are acceptable > debug3: mm_key_allowed entering > debug3: mm_request_send entering: type 20 > debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED > debug3: mm_request_receive_expect entering: type 21 > debug3: mm_request_receive entering > debug1: PAM: setting PAM_RHOST to "192.168.1.4" > debug2: monitor_read: 45 used once, disabling now > debug3: mm_request_receive entering > debug3: monitor_read: checking request 3 > debug3: mm_answer_authserv: service=ssh-connection, style= > debug2: monitor_read: 3 used once, disabling now > debug3: mm_request_receive entering > debug3: monitor_read: checking request 20 > debug3: mm_answer_keyallowed entering > debug3: mm_answer_keyallowed: key_from_blob: 0x286067c0 > debug1: trying public key file /home/peter/.ssh/authorized_keys > debug1: fd 4 clearing O_NONBLOCK > debug3: secure_filename: checking '/usr/home/peter/.ssh' > debug3: secure_filename: checking '/usr/home/peter' > debug3: secure_filename: terminating check at '/usr/home/peter' > debug2: key not found > debug1: trying public key file /home/peter/.ssh/authorized_keys2 > Failed publickey for peter from 192.168.1.4 port 43046 ssh2 > debug3: mm_answer_keyallowed: key 0x286067c0 is not allowed > debug3: mm_request_send entering: type 21 > debug2: userauth_pubkey: authenticated 0 pkalg ssh-rsa > debug3: mm_request_receive entering > debug1: userauth-request for user peter service ssh-connection method > keyboard-interactive > debug1: attempt 2 failures 1 > debug2: input_userauth_request: try method keyboard-interactive > debug1: keyboard-interactive devs > > Anyone suggest what I'm doing wrong? > > TIA. > > > Peter Harrison. > > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscribe@freebsd.org" > you have the setup the keys the wrong way around by the sound of it. The ssh server should have the public keys only in the authorized_keys files, and your client/desktop should have the private keys in your ~/.ssh
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AANLkTinZR3F0GwATLHw7RCb6XzVETKT8VBd_oh-Q%2BdaY>