Authentication with SSH using public keys
Andrew Falanga
af300wsm at gmail.com
Mon Nov 3 18:16:42 PST 2008
On Fri, Oct 31, 2008 at 6:46 PM, आशीष शुक्ल Ashish Shukla
<wahjava.ml at gmail.com> wrote:
> In <200810311652.38230.af300wsm at gmail.com>, Andrew Falanga wrote:
>>
>> Hi,
>>
>> My father recently setup a new 7.0-Release system for some web
>> development. I use ssh to login remotely. I've normally not had any
>> trouble configuring authentication through public key encryption using
>> ssh-keygen and such. I have for myself a id_rsa.pub and an id_rsa key pair
>> that I use for this purpose.
>>
>> Normally, I just copy, via scp, the file id_rsa.pub to my
>> ~/.ssh/authorized_keys file on the remote host and the next time I attempt a
>> login all is well. That is, I don't have to enter my password. However, on
>> my Dad's new machine, this isn't the case. I still have to enter the
>> password.
>>
>> Now, I've looked through his /etc/ssh/sshd_config file and nothing in
>> there looks odd, or different, from other remote hosts I do this on. So,
>> I'm embedding a copy/paste of an ssh login session on my father's host using
>> -v -v to ssh:
>>
>> [/usr/home/andy/MCH]
>> -> ssh -v -v malumgat
>
> [...]
>
>> debug1: Authentications that can continue: publickey,keyboard-interactive
>> debug1: Next authentication method: publickey
>> debug1: Trying private key: /home/andy/.ssh/identity
>> debug1: Offering public key: /home/andy/.ssh/id_rsa
>> debug2: we sent a publickey packet, wait for reply
>> debug1: Authentications that can continue: publickey,keyboard-interactive
>
> It seems OpenSSH (on your dad's box) hasn't recognized your private key, so
> how about checking permissions of ~/.ssh/authorized_keys and ~/.ssh on his
> box. Or how about enabling verbose logging on his box, using 'LogLevel'
> parameter in sshd_config.
>
> HTH
> Ashish Shukla
The permissions on the machine where it works:
[www:/home/afalanga]
-> ls -la .ssh/
total 6
drwxr-xr-x 2 afalanga staff 512 Sep 28 03:33 .
drwxr-xr-x 3 afalanga staff 512 Oct 29 08:31 ..
-rw-r--r-- 1 afalanga staff 393 Sep 28 03:33 authorized_keys
The permissions on the machine where it doesn't work:
[andy at mch ~]$ ls -la .ssh/
total 6
drwxrwxr-x 2 andy wheel 512 Oct 10 04:30 .
drwxr-xr-x 4 andy wheel 512 Oct 31 06:30 ..
-rw-r--r-- 1 andy wheel 393 Oct 28 10:01 authorized_keys
I see a difference in that the directory on the machine where it
doesn't work is writable to the group, but on the machine where it
does work the directory isn't writable. Other than that, the
permissions don't look different, do they?
Andy
More information about the freebsd-questions
mailing list