ssh2 login with public key - not working
Laszlo Nagy
gandalf at shopzeus.com
Thu Aug 30 09:07:45 PDT 2007
Hi,
I have to boxes, both are FreeBSD 6.2 -p7. I did this:
user1 at box1:
ssh-keygen -t dsa
mv ~/.ssh/id_dsa.pub ~/.ssh/authorized_keys
chmod 640 ~/.ssh/authorized_keys
scp ~/.ssh/id_dsa user2 at box2:~/.ssh
user2 at box2:
mkdir .ssh
cat > .ssh/config
host mybox
hostname box1
identityfile /home/user2/.ssh/id_dsa
compression yes
cipher blowfish
protocol 2
^D
Then I try this:
ssh -l user1 mybox
but it asks for a password. I also tried this:
ssh -v -v -v -l user1 mybox
This is what I see (just a part of it):
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: filename /usr/user2/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug1: Host 'box1' is known and matches the DSA host key.
debug1: Found key in /usr/user2/.ssh/known_hosts:1
debug2: bits set: 526/1024
debug1: ssh_dss_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /usr/user2/.ssh/id_dsa (0x8032410)
debug1: Authentications that can continue: publickey,keyboard-interactive
debug3: start over, passed a different list publickey,keyboard-interactive
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /usr/user2/.ssh/id_dsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,keyboard-interactive
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 1
Password:
What is the problem? I could do the same with other computers/users without problem. I'm sure that I do something wrong.
Thanks,
Laszlo
More information about the freebsd-questions
mailing list