Authentication with SSH using public keys

Andrew Falanga af300wsm at gmail.com
Mon Nov 3 18:16:42 PST 2008 

On Fri, Oct 31, 2008 at 6:46 PM, आशीष शुक्ल Ashish Shukla
<wahjava.ml at gmail.com> wrote:
> In <200810311652.38230.af300wsm at gmail.com>, Andrew Falanga wrote:
>>
>> Hi,
>>
>> My father recently setup a new 7.0-Release system for some web
>> development.  I use ssh to login remotely.  I've normally not had any
>> trouble configuring authentication through public key encryption using
>> ssh-keygen and such.  I have for myself a id_rsa.pub and an id_rsa key pair
>> that I use for this purpose.
>>
>> Normally, I just copy, via scp, the file id_rsa.pub to my
>> ~/.ssh/authorized_keys file on the remote host and the next time I attempt a
>> login all is well.  That is, I don't have to enter my password.  However, on
>> my Dad's new machine, this isn't the case.  I still have to enter the
>> password.
>>
>> Now, I've looked through his /etc/ssh/sshd_config file and nothing in
>> there looks odd, or different, from other remote hosts I do this on.  So,
>> I'm embedding a copy/paste of an ssh login session on my father's host using
>> -v -v to ssh:
>>
>> [/usr/home/andy/MCH]
>> -> ssh -v -v malumgat
>
> [...]
>
>> debug1: Authentications that can continue: publickey,keyboard-interactive
>> debug1: Next authentication method: publickey
>> debug1: Trying private key: /home/andy/.ssh/identity
>> debug1: Offering public key: /home/andy/.ssh/id_rsa
>> debug2: we sent a publickey packet, wait for reply
>> debug1: Authentications that can continue: publickey,keyboard-interactive
>
> It seems OpenSSH (on your dad's box) hasn't recognized your private key, so
> how about checking permissions of ~/.ssh/authorized_keys and ~/.ssh on his
> box. Or how about enabling verbose logging on his box, using 'LogLevel'
> parameter in sshd_config.
>
> HTH
> Ashish Shukla

The permissions on the machine where it works:
[www:/home/afalanga]
-> ls -la .ssh/
total 6
drwxr-xr-x  2 afalanga  staff  512 Sep 28 03:33 .
drwxr-xr-x  3 afalanga  staff  512 Oct 29 08:31 ..
-rw-r--r--  1 afalanga  staff  393 Sep 28 03:33 authorized_keys

The permissions on the machine where it doesn't work:
[andy at mch ~]$ ls -la .ssh/
total 6
drwxrwxr-x  2 andy  wheel  512 Oct 10 04:30 .
drwxr-xr-x  4 andy  wheel  512 Oct 31 06:30 ..
-rw-r--r--  1 andy  wheel  393 Oct 28 10:01 authorized_keys

I see a difference in that the directory on the machine where it
doesn't work is writable to the group, but on the machine where it
does work the directory isn't writable.  Other than that, the
permissions don't look different, do they?

Andy

More information about the freebsd-questions mailing list