From owner-freebsd-questions@FreeBSD.ORG Thu Oct 28 21:44:54 2010 Return-Path: Delivered-To: questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9F056106566C for ; Thu, 28 Oct 2010 21:44:54 +0000 (UTC) (envelope-from rjgonzale@estrads.com.ar) Received: from cpoproxy2-pub.bluehost.com (cpoproxy2-pub.bluehost.com [67.222.39.38]) by mx1.freebsd.org (Postfix) with SMTP id 6DF5C8FC14 for ; Thu, 28 Oct 2010 21:44:54 +0000 (UTC) Received: (qmail 22408 invoked by uid 0); 28 Oct 2010 21:18:13 -0000 Received: from unknown (HELO box511.bluehost.com) (74.220.219.111) by cpoproxy2.bluehost.com with SMTP; 28 Oct 2010 21:18:13 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=estrads.com.ar; h=Received:Date:From:To:Cc:Subject:Message-ID:In-Reply-To:References:X-Mailer:Mime-Version:Content-Type:Content-Transfer-Encoding:X-Identified-User; b=nKS+O4gLa8hMUIkQAKotoRSgb3eueT/eLg5OqsEM0aS6fZNM01k0zEfLIVCmVovqwRpDjQgMlb/zOuuz3vGnOdIvOJ0uptCmf65a2o1DtQGmeJGJmq4PoOObC1El59lC; Received: from host188.190-30-198.telecom.net.ar ([190.30.198.188] helo=rjgonzale-laptop) by box511.bluehost.com with esmtpa (Exim 4.69) (envelope-from ) id 1PBZrO-0007AD-SX; Thu, 28 Oct 2010 15:18:13 -0600 Date: Thu, 28 Oct 2010 18:18:07 -0300 From: Rodrigo Gonzalez To: Peter Harrison Message-ID: <20101028181807.1d344ef0@rjgonzale-laptop> In-Reply-To: <20101028193953.GA6922@laptop.piggybox> References: <20101028193953.GA6922@laptop.piggybox> X-Mailer: Claws Mail 3.7.6 (GTK+ 2.22.0; i486-pc-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Identified-User: {32647:box511.bluehost.com:gonosade:estrads.com.ar} {sentby:smtp auth 190.30.198.188 authed with rjgonzale@estrads.com.ar} Cc: questions@freebsd.org Subject: Re: ssh key authentication problem... X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 Oct 2010 21:44:54 -0000 You have to do the other way.... generate at laptop, put in authorized_key at server the public key and then you will be able to ssh to server from laptop using key authorization On Thu, 28 Oct 2010 20:39:53 +0100 Peter Harrison wrote: > Can anyone help me debug an ssh key-based authentication problem? > > I have an 8.1-R server running sshd, with one user account. On the > server, I've used ssh-keygen to generate id_rsa and id_rsa.pub. > > On my laptop I then pulled the id_rsa.pub file over and: > > % cat id_rsa.pub >> .ssh/authorized_keys > > Now I try to login from the laptop (also 8.1-R) to the server. It > pauses for a second and presents me with a 'Password:' prompt, so > obviously the key authentication isn't working. > > He's a debugging chunk from sshd run with '-ddd' flags: > > debug1: PAM: initializing for "peter" > debug1: userauth-request for user peter service ssh-connection method > publickey debug1: attempt 1 failures 0 > debug2: input_userauth_request: try method publickey > debug1: test whether pkalg/pkblob are acceptable > debug3: mm_key_allowed entering > debug3: mm_request_send entering: type 20 > debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED > debug3: mm_request_receive_expect entering: type 21 > debug3: mm_request_receive entering > debug1: PAM: setting PAM_RHOST to "192.168.1.4" > debug2: monitor_read: 45 used once, disabling now > debug3: mm_request_receive entering > debug3: monitor_read: checking request 3 > debug3: mm_answer_authserv: service=ssh-connection, style= > debug2: monitor_read: 3 used once, disabling now > debug3: mm_request_receive entering > debug3: monitor_read: checking request 20 > debug3: mm_answer_keyallowed entering > debug3: mm_answer_keyallowed: key_from_blob: 0x286067c0 > debug1: trying public key file /home/peter/.ssh/authorized_keys > debug1: fd 4 clearing O_NONBLOCK > debug3: secure_filename: checking '/usr/home/peter/.ssh' > debug3: secure_filename: checking '/usr/home/peter' > debug3: secure_filename: terminating check at '/usr/home/peter' > debug2: key not found > debug1: trying public key file /home/peter/.ssh/authorized_keys2 > Failed publickey for peter from 192.168.1.4 port 43046 ssh2 > debug3: mm_answer_keyallowed: key 0x286067c0 is not allowed > debug3: mm_request_send entering: type 21 > debug2: userauth_pubkey: authenticated 0 pkalg ssh-rsa > debug3: mm_request_receive entering > debug1: userauth-request for user peter service ssh-connection method > keyboard-interactive debug1: attempt 2 failures 1 > debug2: input_userauth_request: try method keyboard-interactive > debug1: keyboard-interactive devs > > Anyone suggest what I'm doing wrong? > > TIA. > > > Peter Harrison. > > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org"