| View previous topic :: View next topic |
| Author |
Message |
linderox
n00b
Joined: 03 Jun 2007
Posts: 41
|
 Posted: Wed Feb 27, 2008 8:59 am Post subject: ssh says Permission denied. (publickey) |
 |
|
I want to install sshd on my server... I started sshd , generate keys for all users,but everytime I has a message on the client
Permission denied (publickey)
I installed pure archlinux system from CD. And have the same problem on the new archlinux system
but i have trouble with a connection to all my archlinux systems,but no trouble for outgoing ssh connections to router on all of these systems
In /var/log/auth.log there is no any line about trying to connect to the server
| Code: |
user@local ~ $ ssh archserver
Permission denied (publickey).
|
| Code: |
root@local# ssh -vvv archserver
OpenSSH_4.2p1, OpenSSL 0.9.7e 25 Oct 2004
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to archserver [10.0.3.2] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.6
debug1: match: OpenSSH_4.6 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.2
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 120/256
debug2: bits set: 497/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 4
debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 3
debug1: Host 'archserver' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:4
debug2: bits set: 482/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /root/.ssh/id_rsa ((nil))
debug2: key: /root/.ssh/id_dsa ((nil))
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred publickey,keyboard-interactive
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/id_rsa
debug3: no such identity: /root/.ssh/id_rsa
debug1: Trying private key: /root/.ssh/id_dsa
debug3: no such identity: /root/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey).
|
here /var/log/auth.log on the ssh server, but the time earlier than all of my connections....
| Code: |
Feb 27 11:22:23 localhost sshd[5039]: Received signal 15; terminating.
Feb 27 11:22:24 localhost sshd[5641]: Server listening on 0.0.0.0 port 22.
|
here is my sshd_config:
| Code: |
Port 22
Protocol 2#,1
ListenAddress 0.0.0.0
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
LoginGraceTime 600
PermitRootLogin no
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
RhostsRSAAuthentication no
HostbasedAuthentication no
IgnoreRhosts yes
PasswordAuthentication no
PermitEmptyPasswords no
ChallengeResponseAuthentication no
UsePAM no
AllowUsers master root
Subsystem sftp /usr/lib/ssh/sftp-server
|
|
|
| Back to top |
|
 |
di1bert
l33t
Joined: 16 May 2002
Posts: 963
Location: Oslo, Norway
|
| Posted: Wed Feb 27, 2008 9:03 am Post subject: |
|
|
You'll need to set PasswordAuthentication to "yes" in your sshd_config to enable
password authentication.
Personally I prefer using DSA keys...but that's a whole other story...
HTH
-m |
|
| Back to top |
|
|
downer
Tux's lil' helper
Joined: 20 Sep 2007
Posts: 120
Location: sweden
|
| Posted: Wed Feb 27, 2008 9:07 am Post subject: |
|
|
Hi,
It seems like it is unable to find root's private keys:
| Code: | debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/id_rsa
debug3: no such identity: /root/.ssh/id_rsa
debug1: Trying private key: /root/.ssh/id_dsa
debug3: no such identity: /root/.ssh/id_dsa
debug2: we did not send a packet, disable method |
Check that you have at least one of the dsa/rsa keys in place, and also that you have the matching key on the remote server in .ssh/authorized_keys.
Best of luck
//D
_________________
HP dv6500 (dv6501eo) Laptop and Dell Latitude E6420 work puter;
both running Gentoo x86_64 quite successfully. |
|
| Back to top |
|
|
di1bert
l33t
Joined: 16 May 2002
Posts: 963
Location: Oslo, Norway
|
| Posted: Wed Feb 27, 2008 9:13 am Post subject: |
|
|
If they aren't there you may need to create them using the ssh-keygen
command.
You might want to check out these
two documents on SSH which will probably
help alot...
-m |
|
| Back to top |
|
|
JeliJami
Veteran
Joined: 17 Jan 2006
Posts: 1086
Location: Belgium
|
| Posted: Wed Feb 27, 2008 9:22 am Post subject: |
|
|
the last ssh command from your first post:
| Code: | | root@local# ssh -vvv archserver |
tries to connect as root, while the sshd_config contains
_________________
Unanswered Post Initiative | Search | FAQ
Former username: davjel |
|
| Back to top |
|
|
linderox
n00b
Joined: 03 Jun 2007
Posts: 41
|
| Posted: Wed Feb 27, 2008 10:00 am Post subject: |
|
|
everybody speaks about authorized-key , but i never create it manualy, this is automatical process if there is sshd in your system
i generated keys for root....on a client
| Code: |
ssh -vvv archserver
OpenSSH_4.2p1, OpenSSL 0.9.7e 25 Oct 2004
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to archserver [10.0.3.2] port 22.
debug1: Connection established.
debug1: identity file /home/master/.ssh/id_rsa type -1
debug1: identity file /home/master/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.6
debug1: match: OpenSSH_4.6 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.2
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 144/256
debug2: bits set: 526/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: filename /home/master/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug3: check_host_in_hostfile: filename /home/master/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug1: Host 'archserver' is known and matches the RSA host key.
debug1: Found key in /home/master/.ssh/known_hosts:1
debug2: bits set: 549/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/master/.ssh/id_rsa ((nil))
debug2: key: /home/master/.ssh/id_dsa ((nil))
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred publickey,keyboard-interactive
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/master/.ssh/id_rsa
debug3: no such identity: /home/master/.ssh/id_rsa
debug1: Trying private key: /home/master/.ssh/id_dsa
debug3: no such identity: /home/master/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey).
|
no any changes in auth.log on ssh server
Last edited by linderox on Wed Feb 27, 2008 10:18 am; edited 1 time in total |
|
| Back to top |
|
|
downer
Tux's lil' helper
Joined: 20 Sep 2007
Posts: 120
Location: sweden
|
| Posted: Wed Feb 27, 2008 10:13 am Post subject: |
|
|
If you want to use PublicKey you need to add they key from either id_dsa.pub or id_rsa.pub to ~/.ssh/authorized_keys on the remote server.
This is where sshd will look for your public key to try to match it with the private key used by the client.
//D
_________________
HP dv6500 (dv6501eo) Laptop and Dell Latitude E6420 work puter;
both running Gentoo x86_64 quite successfully. |
|
| Back to top |
|
|
linderox
n00b
Joined: 03 Jun 2007
Posts: 41
|
| Posted: Wed Feb 27, 2008 10:16 am Post subject: |
|
|
| JeliJami wrote: | the last ssh command from your first post:
| Code: | | root@local# ssh -vvv archserver |
tries to connect as root, while the sshd_config contains
|
I changed this options lots of time! no any changes! the same error
| Code: |
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
|
| downer wrote: | If you want to use PublicKey you need to add they key from either id_dsa.pub or id_rsa.pub to ~/.ssh/authorized_keys on the remote server.
This is where sshd will look for your public key to try to match it with the private key used by the client.
//D |
| Code: |
master@local ~ $ scp ~/.ssh/id_rsa.pub archserver:id_rsa_router.pub
Permission denied (publickey).
lost connection
|
|
|
| Back to top |
|
|
downer
Tux's lil' helper
Joined: 20 Sep 2007
Posts: 120
Location: sweden
|
| Posted: Wed Feb 27, 2008 10:38 am Post subject: |
|
|
| Quote: | | Code: | master@local ~ $ scp ~/.ssh/id_rsa.pub archserver:id_rsa_router.pub
Permission denied (publickey).
lost connection |
|
yeah, that is the thing with ssh, you can't enable Public Key until you have copied the public key to the remote host unless you have another way of getting the key there (usb stick or ftp or something (only the public key tho, ftp is not encrypted and you dont want to put your private key out for all to see!)).
//D
_________________
HP dv6500 (dv6501eo) Laptop and Dell Latitude E6420 work puter;
both running Gentoo x86_64 quite successfully. |
|
| Back to top |
|
|
linderox
n00b
Joined: 03 Jun 2007
Posts: 41
|
| Posted: Wed Feb 27, 2008 10:52 am Post subject: |
|
|
but how to all another ppl do this?!
if i have no physical access to the clients or server? |
|
| Back to top |
|
|
downer
Tux's lil' helper
Joined: 20 Sep 2007
Posts: 120
Location: sweden
|
| Posted: Wed Feb 27, 2008 11:03 am Post subject: |
|
|
| linderox wrote: | but how to all another ppl do this?!
if i have no physical access to the clients or server? |
this is one of the problems with SSH, especially if you have hundreds of servers and need to propagate the keys to all of them. there are probably as many solutions as there are sysadmins 
one way is to use password login and scp the keys, then use a script (or if you dont have many hosts - manually) to change to only use keys. another way is to use something that doesnt use ssh (ie not scp/sftp) to upload the keys. but then encryption of the transmission might be a problem.
IMO easiest is probably to use password login until you have set up the keys correctly.
//D
_________________
HP dv6500 (dv6501eo) Laptop and Dell Latitude E6420 work puter;
both running Gentoo x86_64 quite successfully. |
|
| Back to top |
|
|
linderox
n00b
Joined: 03 Jun 2007
Posts: 41
|
| Posted: Wed Feb 27, 2008 11:13 am Post subject: |
|
|
which program i can login with a password?
I tried password authentication gives the same error...
Some weeks ago I had successful connection with this server and without any flashdrivers, but after updating my system something happened...
maybe change something in /etc/pam.d? |
|
| Back to top |
|
|
downer
Tux's lil' helper
Joined: 20 Sep 2007
Posts: 120
Location: sweden
|
| Posted: Wed Feb 27, 2008 12:22 pm Post subject: |
|
|
| linderox wrote: | which program i can login with a password?
I tried password authentication gives the same error...
Some weeks ago I had successful connection with this server and without any flashdrivers, but after updating my system something happened...
maybe change something in /etc/pam.d? |
the normal ssh client is fine. Do you still get an error about public keys when you try to enter your password..?
Have you enabled root login (if you're still trying to login as root)? Try disabling public key login completely and only use password, any change?
If it still doesnt work try debugging the ssh server, remember to connect on port 24 in this case:
| Code: | | sshd -ddd -p24 > /tmp/sshd.out 2>&1 |
//D
_________________
HP dv6500 (dv6501eo) Laptop and Dell Latitude E6420 work puter;
both running Gentoo x86_64 quite successfully. |
|
| Back to top |
|
|
linderox
n00b
Joined: 03 Jun 2007
Posts: 41
|
| Posted: Thu Feb 28, 2008 11:28 am Post subject: |
|
|
i switch off all autherntication types except password authentication
error is
| Code: |
master@local ~ $ ssh archserver
Permission denied (password).
|
| Code: | master@localhost () /home/master
$ sudo sshd -ddd -p24 > /tmp/sshd.out 2>&1
master@localhost () /home/master
$ cat /tmp/sshd.out
sshd re-exec requires execution with an absolute path
|
| Code: |
$ sudo cat /etc/ssh/sshd_config | grep ^[A-Za-z0-9]
Port 22
Protocol 2
ListenAddress 0.0.0.0
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
PermitRootLogin no
StrictModes yes
RSAAuthentication no
PubkeyAuthentication no
AuthorizedKeysFile .ssh/authorized_keys
RhostsRSAAuthentication no
HostbasedAuthentication no
IgnoreUserKnownHosts yes
IgnoreRhosts yes
PasswordAuthentication yes
PermitEmptyPasswords no
ChallengeResponseAuthentication no
UsePAM yes
AllowUsers master
X11Forwarding yes
X11UseLocalhost yes
PrintMotd yes
PrintLastLog yes
MaxStartups 10
Subsystem sftp /usr/lib/misc/sftp-server
|
|
|
| Back to top |
|
|
downer
Tux's lil' helper
Joined: 20 Sep 2007
Posts: 120
Location: sweden
|
| Posted: Thu Feb 28, 2008 12:42 pm Post subject: |
|
|
| linderox wrote: | i switch off all autherntication types except password authentication
error is
| Code: |
master@local ~ $ ssh archserver
Permission denied (password).
|
| Code: | master@localhost () /home/master
$ sudo sshd -ddd -p24 > /tmp/sshd.out 2>&1
master@localhost () /home/master
$ cat /tmp/sshd.out
sshd re-exec requires execution with an absolute path
|
|
Try to execute it with full path then. Something like
| Code: | | /usr/sbin/sshd -ddd -p24 > /tmp/sshd.out 2>&1 |
| Quote: | | Code: |
$ sudo cat /etc/ssh/sshd_config | grep ^[A-Za-z0-9]
Port 22
Protocol 2
ListenAddress 0.0.0.0
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
PermitRootLogin no
StrictModes yes
RSAAuthentication no
PubkeyAuthentication no
AuthorizedKeysFile .ssh/authorized_keys
RhostsRSAAuthentication no
HostbasedAuthentication no
IgnoreUserKnownHosts yes
IgnoreRhosts yes
PasswordAuthentication yes
PermitEmptyPasswords no
ChallengeResponseAuthentication no
UsePAM yes
AllowUsers master
X11Forwarding yes
X11UseLocalhost yes
PrintMotd yes
PrintLastLog yes
MaxStartups 10
Subsystem sftp /usr/lib/misc/sftp-server
|
|
Try to enable ChallengeResponseAuthentication and see if that helps.
//D
_________________
HP dv6500 (dv6501eo) Laptop and Dell Latitude E6420 work puter;
both running Gentoo x86_64 quite successfully. |
|
| Back to top |
|
|
linderox
n00b
Joined: 03 Jun 2007
Posts: 41
|
| Posted: Thu Feb 28, 2008 12:56 pm Post subject: |
|
|
| Code: | $ cat /tmp/sshd.out
debug2: load_server_config: filename /etc/ssh/sshd_config
debug2: load_server_config: done config len = 647
debug2: parse_server_config: config /etc/ssh/sshd_config len 647
debug3: /etc/ssh/sshd_config:13 setting Port 22
debug3: /etc/ssh/sshd_config:14 setting Protocol 2
debug3: /etc/ssh/sshd_config:17 setting ListenAddress 0.0.0.0
debug3: /etc/ssh/sshd_config:23 setting HostKey /etc/ssh/ssh_host_rsa_key
debug3: /etc/ssh/sshd_config:24 setting HostKey /etc/ssh/ssh_host_dsa_key
debug3: /etc/ssh/sshd_config:38 setting PermitRootLogin no
debug3: /etc/ssh/sshd_config:39 setting StrictModes yes
debug3: /etc/ssh/sshd_config:42 setting RSAAuthentication no
debug3: /etc/ssh/sshd_config:43 setting PubkeyAuthentication no
debug3: /etc/ssh/sshd_config:44 setting AuthorizedKeysFile .ssh/authorized_keys
debug3: /etc/ssh/sshd_config:47 setting RhostsRSAAuthentication no
debug3: /etc/ssh/sshd_config:49 setting HostbasedAuthentication no
debug3: /etc/ssh/sshd_config:52 setting IgnoreUserKnownHosts yes
debug3: /etc/ssh/sshd_config:54 setting IgnoreRhosts yes
debug3: /etc/ssh/sshd_config:57 setting PasswordAuthentication yes
debug3: /etc/ssh/sshd_config:58 setting PermitEmptyPasswords no
debug3: /etc/ssh/sshd_config:61 setting ChallengeResponseAuthentication no
debug3: /etc/ssh/sshd_config:81 setting UsePAM yes
debug3: /etc/ssh/sshd_config:82 setting AllowUsers master
debug3: /etc/ssh/sshd_config:86 setting X11Forwarding yes
debug3: /etc/ssh/sshd_config:88 setting X11UseLocalhost yes
debug3: /etc/ssh/sshd_config:89 setting PrintMotd yes
debug3: /etc/ssh/sshd_config:90 setting PrintLastLog yes
debug3: /etc/ssh/sshd_config:100 setting MaxStartups 10
debug3: /etc/ssh/sshd_config:106 setting Subsystem sftp /usr/lib/misc/sftp-server
debug1: sshd version OpenSSH_4.7p1
debug3: Not a RSA1 key file /etc/ssh/ssh_host_rsa_key.
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug3: Not a RSA1 key file /etc/ssh/ssh_host_dsa_key.
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-ddd'
debug1: rexec_argv[2]='-p24'
debug2: fd 3 setting O_NONBLOCK
debug1: Bind to port 24 on 0.0.0.0.
Server listening on 0.0.0.0 port 24.
|
|
|
| Back to top |
|
|
linderox
n00b
Joined: 03 Jun 2007
Posts: 41
|
| Posted: Thu Feb 28, 2008 12:59 pm Post subject: |
|
|
| Quote: |
Try to enable ChallengeResponseAuthentication and see if that helps.
//D |
thank you! Yes, password authentication works with this option swtich on YES[/quote] |
|
| Back to top |
|
|
downer
Tux's lil' helper
Joined: 20 Sep 2007
Posts: 120
Location: sweden
|
| Posted: Thu Feb 28, 2008 1:06 pm Post subject: |
|
|
Glad I could help 
//D
_________________
HP dv6500 (dv6501eo) Laptop and Dell Latitude E6420 work puter;
both running Gentoo x86_64 quite successfully. |
|
| Back to top |
|
|
linderox
n00b
Joined: 03 Jun 2007
Posts: 41
|
| Posted: Fri Feb 29, 2008 11:04 am Post subject: |
|
|
But I want to continue ...There is another problem with sshd but on the another archlinux system.
master@localhost () /home/master
| Code: |
$ ssh -vvv bask
OpenSSH_4.7p1, OpenSSL 0.9.8g 19 Oct 2007
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to bask [10.0.3.56] port 22.
debug1: Connection established.
debug1: identity file /home/master/.ssh/identity type -1
debug3: Not a RSA1 key file /home/master/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/master/.ssh/id_rsa type 1
debug1: identity file /home/master/.ssh/id_dsa type -1
ssh_exchange_identification: Connection closed by remote host
|
changing of sshd_config file doesn't change Error
regeneration of ssh-keygen on the localhost doesn't change error
i saw in internet that it could be a problem of /etc/hosts.allow - here is my file
| Code: |
ALL : \
127.0.0.1
ALL : \
10.0.3.0/255.255.255.0
portmap: 10.0.3.1/24
lockd: 10.0.3.1/24
mountd: 10.0.3.1/24
statd: 10.0.3.1/24
rquotad: 10.0.3.1/24
sshd: 10.0.3.1/24
|
|
|
| Back to top |
|
|
linderox
n00b
Joined: 03 Jun 2007
Posts: 41
|
| Posted: Fri Feb 29, 2008 12:12 pm Post subject: |
|
|
| i just cleared /etc/hosts.deny and it began to work |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
