Passwordless ssh, keys not authenticating, asks for password

Dave dave at dgmm.net
Mon Feb 2 23:50:36 UTC 2015 

Hi,
I'm trying to set up passwordless ssh login

I have it working on all but one client, with no obvious reason why it's not 
working on this one box.

Box1 (ubuntu)  uname -a

Linux ubuntu 3.2.0-75-generic #110-Ubuntu SMP Tue Dec 16 19:11:28 UTC 2014 
i686 i686 i386 GNU/Linux


Box2 (testbox - working) uname -a

FreeBSD testbox.asgard.uk 9.3-RELEASE-p9 FreeBSD 9.3-RELEASE-p9 #0: Tue Jan 27 
10:43:40 UTC 2015     root at amd64-
builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC  amd64


Box3 (amd - not working) uname -a

FreeBSD amd.asgard.uk 9.3-RELEASE-p9 FreeBSD 9.3-RELEASE-p9 #0: Tue Jan 27 
10:43:40 UTC 2015     root at amd64-
builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC  amd64


On Box1 I did

ssh-keygen (default answers, no pass phrase)
ssh-copy-id dave at testbox
ssh-copy-id dave at amd
ssh-add


Boxes 2 and 3 have identical and default  /etc/ssh/ssh_config and the following 
are identical.

~/.ssh is chmod 700
-rw-------  1 dave  dave  797  2 Feb 22:10 authorized_keys
-rw-r--r--  1 dave  dave  165  6 Jan 23:27 known_host

ssh dave at testbox (Box2 works fine)
ssh dave at amd     (Box3 fails and asks for the password)


Results of ssh -v dave at amd (Box3)

OpenSSH_5.9p1 Debian-5ubuntu1.4, OpenSSL 1.0.1 14 Mar 2012
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to amd [192.168.1.3] port 22.
debug1: Connection established.
debug1: identity file /home/dave/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /home/dave/.ssh/id_rsa-cert type -1
debug1: identity file /home/dave/.ssh/id_dsa type -1
debug1: identity file /home/dave/.ssh/id_dsa-cert type -1
debug1: identity file /home/dave/.ssh/id_ecdsa type -1
debug1: identity file /home/dave/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version 
OpenSSH_6.6.1_hpn13v11 FreeBSD-20140420
debug1: match: OpenSSH_6.6.1_hpn13v11 FreeBSD-20140420 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.4
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx
debug1: Host 'amd' is known and matches the ECDSA host key.
debug1: Found key in /home/dave/.ssh/known_hosts:1
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/dave/.ssh/id_rsa
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Offering RSA public key: dave at ubuntu
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Trying private key: /home/dave/.ssh/id_dsa
debug1: Trying private key: /home/dave/.ssh/id_ecdsa
debug1: Next authentication method: keyboard-interactive
Password for dave at amd.asgard.uk:


Box3 (amd,the problembox)   pkg info | grep ssh

libssh-0.6.3_1                 Library implementing the SSH1 and SSH2 protocol
linux-c6-libssh2-1.4.2_1       Library implementing the SSH2 protocol (Linux 
CentOS 6.6


Box (testbox,a working box) pkg info | grep ssh

libssh-0.6.3_1                 Library implementing the SSH1 and SSH2 protocol

To eliminate the potential difference, pkg info | grep ssh shows no results on 
a 9.2 box where passwordless ssh works.  I also successfully tested with a 
RaspBMC box.

I can only assume there is something different somewhere on Box3 (amd) that 
I've changed and forgotten about.   Is there anything else you need to know to 
help me?

More information about the freebsd-questions mailing list