From owner-freebsd-questions@FreeBSD.ORG Fri Oct 29 02:48:47 2010 Return-Path: Delivered-To: questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0689D106564A for ; Fri, 29 Oct 2010 02:48:47 +0000 (UTC) (envelope-from mikel.king@olivent.com) Received: from mail.olivent.com (mail.olivent.com [75.99.82.91]) by mx1.freebsd.org (Postfix) with ESMTP id 6D73B8FC0C for ; Fri, 29 Oct 2010 02:48:46 +0000 (UTC) Received: from localhost ([127.0.0.1]) by mail.olivent.com (Kerio Connect 7.0.0 patch 1); Thu, 28 Oct 2010 22:18:41 -0400 To: "Peter Harrison" , questions@freebsd.org From: "Mikel King" In-Reply-To: 20101028193953.GA6922@laptop.piggybox Message-ID: <20101029021841.75c4f546@mail.olivent.com> Date: Thu, 28 Oct 2010 22:18:41 -0400 X-Mailer: Kerio Connect 7.0.0 patch 1 WebMail X-User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: Subject: Re: ssh key authentication problem... X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 Oct 2010 02:48:47 -0000 Peter, Have you verified permissions of 700 on .ssh and 640 on authorized=5Fkey= s and authorized=5Fkeys2=3F If you do not have an authorized=5Fkeys2 sim= ply copy the former to that name and give it a go. Cheers, Mikel King =5F=5F=5F=5F=5F =20 From: Peter Harrison [mailto:peter.piggybox@virgin.net] To: questions@freebsd.org Sent: Thu, 28 Oct 2010 15:39:53 -0400 Subject: ssh key authentication problem... Can anyone help me debug an ssh key-based authentication problem=3F =20 I have an 8.1-R server running sshd, with one user account. On the ser= ver, I've used ssh-keygen to generate id=5Frsa and id=5Frsa.pub. =20 On my laptop I then pulled the id=5Frsa.pub file over and: =20 % cat id=5Frsa.pub >> .ssh/authorized=5Fkeys =20 Now I try to login from the laptop (also 8.1-R) to the server. It paus= es for a second and presents me with a 'Password:' prompt, so obviously = the key authentication isn't working. =20 He's a debugging chunk from sshd run with '-ddd' flags: =20 debug1: PAM: initializing for "peter" debug1: userauth-request for user peter service ssh-connection method = publickey debug1: attempt 1 failures 0 debug2: input=5Fuserauth=5Frequest: try method publickey debug1: test whether pkalg/pkblob are acceptable debug3: mm=5Fkey=5Fallowed entering debug3: mm=5Frequest=5Fsend entering: type 20 debug3: mm=5Fkey=5Fallowed: waiting for MONITOR=5FANS=5FKEYALLOWED debug3: mm=5Frequest=5Freceive=5Fexpect entering: type 21 debug3: mm=5Frequest=5Freceive entering debug1: PAM: setting PAM=5FRHOST to "192.168.1.4" debug2: monitor=5Fread: 45 used once, disabling now debug3: mm=5Frequest=5Freceive entering debug3: monitor=5Fread: checking request 3 debug3: mm=5Fanswer=5Fauthserv: service=3Dssh-connection, style=3D debug2: monitor=5Fread: 3 used once, disabling now debug3: mm=5Frequest=5Freceive entering debug3: monitor=5Fread: checking request 20 debug3: mm=5Fanswer=5Fkeyallowed entering debug3: mm=5Fanswer=5Fkeyallowed: key=5Ffrom=5Fblob: 0x286067c0 debug1: trying public key file /home/peter/.ssh/authorized=5Fkeys debug1: fd 4 clearing O=5FNONBLOCK debug3: secure=5Ffilename: checking '/usr/home/peter/.ssh' debug3: secure=5Ffilename: checking '/usr/home/peter' debug3: secure=5Ffilename: terminating check at '/usr/home/peter' debug2: key not found debug1: trying public key file /home/peter/.ssh/authorized=5Fkeys2 Failed publickey for peter from 192.168.1.4 port 43046 ssh2 debug3: mm=5Fanswer=5Fkeyallowed: key 0x286067c0 is not allowed debug3: mm=5Frequest=5Fsend entering: type 21 debug2: userauth=5Fpubkey: authenticated 0 pkalg ssh-rsa debug3: mm=5Frequest=5Freceive entering debug1: userauth-request for user peter service ssh-connection method = keyboard-interactive debug1: attempt 2 failures 1 debug2: input=5Fuserauth=5Frequest: try method keyboard-interactive debug1: keyboard-interactive devs=20 =20 Anyone suggest what I'm doing wrong=3F =20 TIA. =20 =20 Peter Harrison. =20 =20 =20 =5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F= =5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebs= d.org" =20