debug3: no such identity: /var/backups/.ssh/identity
debug1: Offering public key: /var/backups/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug1: Offering public key: /var/backups/.ssh/id_dsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
anyone has an idea of what the problem could be?
Thanks,
Luca
--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
01-07-2009, 03:41 PM
"Beau J. Bechdol"
ssh public key authentication
If the server didn't let you in using your key, find the PubkeyAuthentication line in /etc/ssh/sshd_config and change it to yes. That should do it.
-Beau
On Wed, Jan 7, 2009 at 9:10 AM, Luca Ferrari <fluca1978@infinito.it> wrote:
Hi,
I'd like a user to ssh another host (both ubuntu 8.1) without being prompted
for a password, so I copied the rsa (and also dsa) public keys to the target
host, added these keys to the authorized_keys file but when I do ssh I'm
prompted for a password, and I don't understand why. Here's an excerpet of the
debug3: no such identity: /var/backups/.ssh/identity
debug1: Offering public key: /var/backups/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug1: Offering public key: /var/backups/.ssh/id_dsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
anyone has an idea of what the problem could be?
Thanks,
Luca
--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
01-07-2009, 06:02 PM
"Brian McKee"
ssh public key authentication
On Wed, Jan 7, 2009 at 11:10 AM, Luca Ferrari <fluca1978@infinito.it> wrote:
> Hi,
> I'd like a user to ssh another host (both ubuntu 8.1) without being prompted
> for a password,
As Mark suggested - check the permissions in the .ssh file - 700 for
the .ssh folder and 600 for the files in it.
What I've been doing lately is using the ssh-copy-id tool to do that
instead of manually moving the files around myself. Much better.
Check it out - man ssh-copy-id
Brian
--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
01-07-2009, 06:31 PM
Smoot Carl-Mitchell
ssh public key authentication
On Wed, 2009-01-07 at 11:13 -0500, Mark Haney wrote:
> This bites me a lot. Check to make sure the ~/.ssh folder is set to 600
> permissions, including all the files in it. If they /aren't/ set to
> those permissions, it doesn't matter if the key is there, ssh won't
> accept it.
The .ssh directory can be readable by group and other and the
authorized_keys file can also be readable and public key authentication
will work. If those permissions are correct, check the permissions of
the directory path which leads to the .ssh directory. All the ancestor
directories must only be readable by group and other as well.
--
Smoot Carl-Mitchell
System/Network Architect
smoot@tic.com
+1 480 922 7313
cell: +1 602 421 9005
--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
01-07-2009, 06:36 PM
"Mark Haney"
ssh public key authentication
Smoot Carl-Mitchell wrote:
> On Wed, 2009-01-07 at 11:13 -0500, Mark Haney wrote:
>
>> This bites me a lot. Check to make sure the ~/.ssh folder is set to 600
>> permissions, including all the files in it. If they /aren't/ set to
>> those permissions, it doesn't matter if the key is there, ssh won't
>> accept it.
>
> The .ssh directory can be readable by group and other and the
> authorized_keys file can also be readable and public key authentication
> will work. If those permissions are correct, check the permissions of
> the directory path which leads to the .ssh directory. All the ancestor
> directories must only be readable by group and other as well.
Yeah, that's true. However, being the truly paranoid that I am, I just
set the whole shooting match to 600. But 700 is acceptable for the
directory itself.
--
Frustra laborant quotquot se calculationibus fatigant pro inventione
quadraturae circuli
Mark Haney
Sr. Systems Administrator
ERC Broadband
(828) 350-2415
Call (866) ERC-7110 for after hours support
--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
01-07-2009, 07:49 PM
Smoot Carl-Mitchell
ssh public key authentication
On Wed, 2009-01-07 at 14:36 -0500, Mark Haney wrote:
> Smoot Carl-Mitchell wrote:
> > On Wed, 2009-01-07 at 11:13 -0500, Mark Haney wrote:
> >
> >> This bites me a lot. Check to make sure the ~/.ssh folder is set to 600
> >> permissions, including all the files in it. If they /aren't/ set to
> >> those permissions, it doesn't matter if the key is there, ssh won't
> >> accept it.
> >
> > The .ssh directory can be readable by group and other and the
> > authorized_keys file can also be readable and public key authentication
> > will work. If those permissions are correct, check the permissions of
> > the directory path which leads to the .ssh directory. All the ancestor
> > directories must only be readable by group and other as well.
>
> Yeah, that's true. However, being the truly paranoid that I am, I just
> set the whole shooting match to 600. But 700 is acceptable for the
> directory itself.
Yep, paranoia can be a good thing. :-) 700 is required for the
directory, since you do want it searchable. e.g. o+rwx.
--
Smoot Carl-Mitchell
System/Network Architect
smoot@tic.com
+1 480 922 7313
cell: +1 602 421 9005
--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
01-08-2009, 07:07 AM
Luca Ferrari
ssh public key authentication
Thanks all,
I've double checked my configuration, and the server was accepting rsa
authentication, the key was right (I checked it with another user and it
worked) and the permissions of the .ssh directory were right (0600). Then I
had a look at the home directory of the user and I found that the group was
not right, so I changed and the ssh login worked. So it is important not only
the ownership and permissions of the .ssh directory, but of the whole home
directory.
Thanks,
Luca
On Wednesday 7 January 2009 17:41:18 Beau J. Bechdol wrote:
> If the server didn't let you in using your key, find the *
> PubkeyAuthentication* line in */etc/ssh/sshd_config* and change it to
> *yes*. That should do it.
>
> -Beau
>
> On Wed, Jan 7, 2009 at 9:10 AM, Luca Ferrari <fluca1978@infinito.it> wrote:
> > Hi,
> > I'd like a user to ssh another host (both ubuntu 8.1) without being
> > prompted
> > for a password, so I copied the rsa (and also dsa) public keys to the
> > target
> > host, added these keys to the authorized_keys file but when I do ssh I'm
> > prompted for a password, and I don't understand why. Here's an excerpet
> > of the
> > debug messages of the ssh client:
> >
> > debug1: Next authentication method: publickey
> > debug1: Trying private key: /var/backups/.ssh/identity
> > debug3: no such identity: /var/backups/.ssh/identity
> > debug1: Offering public key: /var/backups/.ssh/id_rsa
> > debug3: send_pubkey_test
> > debug2: we sent a publickey packet, wait for reply
> > debug1: Authentications that can continue: publickey,password
> > debug1: Offering public key: /var/backups/.ssh/id_dsa
> > debug3: send_pubkey_test
> > debug2: we sent a publickey packet, wait for reply
> > debug1: Authentications that can continue: publickey,password
> > debug2: we did not send a packet, disable method
> > debug3: authmethod_lookup password
> > debug3: remaining preferred: ,password
> > debug3: authmethod_is_enabled password
> >
> >
> > anyone has an idea of what the problem could be?
> >
> > Thanks,
> > Luca
> >
> > --
> > ubuntu-users mailing list
> > ubuntu-users@lists.ubuntu.com
> > Modify settings or unsubscribe at:
> > https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
ssh public key authentication
