ssh key authentication problem...

krad kraduk at gmail.com
Thu Oct 28 21:38:28 UTC 2010


On 28 October 2010 20:39, Peter Harrison <peter.piggybox at virgin.net> wrote:

> Can anyone help me debug an ssh key-based authentication problem?
>
> I have an 8.1-R server running sshd, with one user account. On the server,
> I've used ssh-keygen to generate id_rsa  and id_rsa.pub.
>
> On my laptop I then pulled the id_rsa.pub file over and:
>
> % cat id_rsa.pub >> .ssh/authorized_keys
>
> Now I try to login from the laptop (also 8.1-R) to the server. It pauses
> for a second and presents me with a 'Password:' prompt, so obviously the key
> authentication isn't working.
>
> He's a debugging chunk from sshd run with '-ddd' flags:
>
> debug1: PAM: initializing for "peter"
> debug1: userauth-request for user peter service ssh-connection method
> publickey
> debug1: attempt 1 failures 0
> debug2: input_userauth_request: try method publickey
> debug1: test whether pkalg/pkblob are acceptable
> debug3: mm_key_allowed entering
> debug3: mm_request_send entering: type 20
> debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED
> debug3: mm_request_receive_expect entering: type 21
> debug3: mm_request_receive entering
> debug1: PAM: setting PAM_RHOST to "192.168.1.4"
> debug2: monitor_read: 45 used once, disabling now
> debug3: mm_request_receive entering
> debug3: monitor_read: checking request 3
> debug3: mm_answer_authserv: service=ssh-connection, style=
> debug2: monitor_read: 3 used once, disabling now
> debug3: mm_request_receive entering
> debug3: monitor_read: checking request 20
> debug3: mm_answer_keyallowed entering
> debug3: mm_answer_keyallowed: key_from_blob: 0x286067c0
> debug1: trying public key file /home/peter/.ssh/authorized_keys
> debug1: fd 4 clearing O_NONBLOCK
> debug3: secure_filename: checking '/usr/home/peter/.ssh'
> debug3: secure_filename: checking '/usr/home/peter'
> debug3: secure_filename: terminating check at '/usr/home/peter'
> debug2: key not found
> debug1: trying public key file /home/peter/.ssh/authorized_keys2
> Failed publickey for peter from 192.168.1.4 port 43046 ssh2
> debug3: mm_answer_keyallowed: key 0x286067c0 is not allowed
> debug3: mm_request_send entering: type 21
> debug2: userauth_pubkey: authenticated 0 pkalg ssh-rsa
> debug3: mm_request_receive entering
> debug1: userauth-request for user peter service ssh-connection method
> keyboard-interactive
> debug1: attempt 2 failures 1
> debug2: input_userauth_request: try method keyboard-interactive
> debug1: keyboard-interactive devs
>
> Anyone suggest what I'm doing wrong?
>
> TIA.
>
>
> Peter Harrison.
>
>
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "
> freebsd-questions-unsubscribe at freebsd.org"
>


you have the setup the keys the wrong way around by the sound of it. The ssh
server should have the public keys only in the authorized_keys files, and
your client/desktop should have the private keys in your ~/.ssh


More information about the freebsd-questions mailing list