Passwordless ssh, keys not authenticating, asks for password
Dave
dave at dgmm.net
Mon Feb 2 23:50:36 UTC 2015
Hi,
I'm trying to set up passwordless ssh login
I have it working on all but one client, with no obvious reason why it's not
working on this one box.
Box1 (ubuntu) uname -a
Linux ubuntu 3.2.0-75-generic #110-Ubuntu SMP Tue Dec 16 19:11:28 UTC 2014
i686 i686 i386 GNU/Linux
Box2 (testbox - working) uname -a
FreeBSD testbox.asgard.uk 9.3-RELEASE-p9 FreeBSD 9.3-RELEASE-p9 #0: Tue Jan 27
10:43:40 UTC 2015 root at amd64-
builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64
Box3 (amd - not working) uname -a
FreeBSD amd.asgard.uk 9.3-RELEASE-p9 FreeBSD 9.3-RELEASE-p9 #0: Tue Jan 27
10:43:40 UTC 2015 root at amd64-
builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64
On Box1 I did
ssh-keygen (default answers, no pass phrase)
ssh-copy-id dave at testbox
ssh-copy-id dave at amd
ssh-add
Boxes 2 and 3 have identical and default /etc/ssh/ssh_config and the following
are identical.
~/.ssh is chmod 700
-rw------- 1 dave dave 797 2 Feb 22:10 authorized_keys
-rw-r--r-- 1 dave dave 165 6 Jan 23:27 known_host
ssh dave at testbox (Box2 works fine)
ssh dave at amd (Box3 fails and asks for the password)
Results of ssh -v dave at amd (Box3)
OpenSSH_5.9p1 Debian-5ubuntu1.4, OpenSSL 1.0.1 14 Mar 2012
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to amd [192.168.1.3] port 22.
debug1: Connection established.
debug1: identity file /home/dave/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /home/dave/.ssh/id_rsa-cert type -1
debug1: identity file /home/dave/.ssh/id_dsa type -1
debug1: identity file /home/dave/.ssh/id_dsa-cert type -1
debug1: identity file /home/dave/.ssh/id_ecdsa type -1
debug1: identity file /home/dave/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version
OpenSSH_6.6.1_hpn13v11 FreeBSD-20140420
debug1: match: OpenSSH_6.6.1_hpn13v11 FreeBSD-20140420 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.4
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx
debug1: Host 'amd' is known and matches the ECDSA host key.
debug1: Found key in /home/dave/.ssh/known_hosts:1
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/dave/.ssh/id_rsa
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Offering RSA public key: dave at ubuntu
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Trying private key: /home/dave/.ssh/id_dsa
debug1: Trying private key: /home/dave/.ssh/id_ecdsa
debug1: Next authentication method: keyboard-interactive
Password for dave at amd.asgard.uk:
Box3 (amd,the problembox) pkg info | grep ssh
libssh-0.6.3_1 Library implementing the SSH1 and SSH2 protocol
linux-c6-libssh2-1.4.2_1 Library implementing the SSH2 protocol (Linux
CentOS 6.6
Box (testbox,a working box) pkg info | grep ssh
libssh-0.6.3_1 Library implementing the SSH1 and SSH2 protocol
To eliminate the potential difference, pkg info | grep ssh shows no results on
a 9.2 box where passwordless ssh works. I also successfully tested with a
RaspBMC box.
I can only assume there is something different somewhere on Box3 (amd) that
I've changed and forgotten about. Is there anything else you need to know to
help me?
More information about the freebsd-questions
mailing list