ssh2 login with public key - not working

Laszlo Nagy gandalf at shopzeus.com
Thu Aug 30 09:07:45 PDT 2007 

Hi,

I have to boxes, both are FreeBSD 6.2 -p7. I did this:

user1 at box1:

ssh-keygen -t dsa
mv ~/.ssh/id_dsa.pub ~/.ssh/authorized_keys
chmod 640 ~/.ssh/authorized_keys
scp ~/.ssh/id_dsa user2 at box2:~/.ssh

user2 at box2:

mkdir .ssh
cat > .ssh/config

host mybox
        hostname box1
        identityfile /home/user2/.ssh/id_dsa
        compression yes
        cipher blowfish
        protocol 2
^D

Then I try this:

ssh -l user1 mybox

but it asks for a password. I also tried this:

ssh -v -v -v -l user1 mybox

This is what I see (just a part of it):

debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: filename /usr/user2/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug1: Host 'box1' is known and matches the DSA host key.
debug1: Found key in /usr/user2/.ssh/known_hosts:1
debug2: bits set: 526/1024
debug1: ssh_dss_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /usr/user2/.ssh/id_dsa (0x8032410)
debug1: Authentications that can continue: publickey,keyboard-interactive
debug3: start over, passed a different list publickey,keyboard-interactive
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /usr/user2/.ssh/id_dsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,keyboard-interactive
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 1
Password:

What is the problem? I could do the same with other computers/users without problem. I'm sure that I do something wrong.

Thanks,

   Laszlo

More information about the freebsd-questions mailing list