|
[x]
The Solution Rating System
|
|
|
With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating. - The Grade of the Solution
- The Zone Rank of the Expert Providing the Solution
- The Number of Author and Expert Comments
- The Number of Experts Contributing
- The Feedback of the Community
Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site. If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support. Thank you! |
|
|
|
|
I have accounts on three linux machine, let's call them Home, Away1 and Away2. All the machines have SSH installed and working (that is, I can use ssh to login from one machine to the others successfully).
I want to start using public key authentication. So on my Home machine I followd the proscribed proceedure:
home$ ssh-keygen -t dsa
home$ scp ~/.ssh/id_dsa.pub remote
home$ ssh username@away1
away1$ cat ~/id_dsa.pub >> ~/.ssh/authorized_keys
away1$ chmod 644 ~/.ssh/authorized_keys
away1$ exit
home$ ssh username@remote -
...and once I set the local environment using keychain, Away1 asked me for my public key password. Fine so far.
Then I followed the same proceedure with Away2. But this time it didn't work--Away2 keeps asking me for the account password, not the public key password.
Away2 has a different version of ssh than Away1. Possibly this is responsible for the problem but I haven't been able to figure it out. Can anyone help me?
relevant info:
Versions:
===============================
home $ ssh -V
OpenSSH_3.5p1, SSH protocols 1.5/2.0, OpenSSL 0x0090701f
away1 $ ssh -V
OpenSSH_3.7.1p1, SSH protocols 1.5/2.0, OpenSSL 0.9.7a Feb 19 2003
away2 $ ssh -V
ssh: SSH Secure Shell 2.4.0 (non-commercial version) on i686-pc-linux-gnu
Permissions on Away2 (one that doesn't work)
=================================
away2~$ ls -ld
drwx---r-x 8 me users 1024 Dec 4 12:29 ./
away2~$ ls -ld .ssh*
drwxr-xr-x 2 me users 1024 Dec 4 12:03 .ssh/
drwxr-xr-x 3 me users 1024 Dec 4 12:03 .ssh2/
away2~$ ls -l .ssh
total 2
-rw-r--r-- 1 me users 218 Dec 4 13:04 authorized_keys
-rw-r--r-- 1 me users 218 Dec 4 13:04 authorized_keys2
away2~$ ls -l .ssh2
total 4
-rw-r--r-- 1 me users 218 Dec 4 13:04 authorized_keys
-rw-r--r-- 1 me users 218 Dec 4 13:04 authorized_keys2
drwx------ 2 me users 1024 Dec 4 12:00 hostkeys/
-rw------- 1 me users 512 Dec 4 12:00 random_seed
Note that I think Away2 uses .ssh2 but I created .ssh, and the authorized_keys2 files just to make sure.
Verbose output from ssh:
==============================
$ ssh -l me away2 -vvv
OpenSSH_3.5p1, SSH protocols 1.5/2.0, OpenSSL 0x0090701f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to away2.com [218.208.147.36] port 22.
debug1: Connection established.
debug1: identity file /home/me/.ssh/identity type -1
debug3: Not a RSA1 key file /home/me/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: no key found
debug2: key_type_from_name: unknown key type 'Proc-Type:'
debug3: key_read: no key found
debug2: key_type_from_name: unknown key type 'DEK-Info:'
debug3: key_read: no key found
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: no key found
debug1: identity file /home/me/.ssh/id_rsa type 1
debug3: Not a RSA1 key file /home/me/.ssh/id_dsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: no key found
debug2: key_type_from_name: unknown key type 'Proc-Type:'
debug3: key_read: no key found
debug2: key_type_from_name: unknown key type 'DEK-Info:'
debug3: key_read: no key found
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: no key found
debug1: identity file /home/me/.ssh/id_dsa type 2
debug1: Remote protocol version 1.99, remote software version 2.4.0 SSH Secure Shell (non-commercial)
debug1: match: 2.4.0 SSH Secure Shell (non-commercial) pat 2.*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.5p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-dss
debug2: kex_parse_kexinit: 3des-cbc,cast128-cbc,blowfish-cbc,twofish-cbc,arcfour,none
debug2: kex_parse_kexinit: 3des-cbc,cast128-cbc,blowfish-cbc,twofish-cbc,arcfour,none
debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,none
debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,none
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client 3des-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server 3des-cbc hmac-md5 none
debug1: dh_gen_key: priv key bits set: 209/384
debug1: bits set: 485/1024
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
debug3: check_host_in_hostfile: filename /home/me/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 19
debug3: check_host_in_hostfile: filename /home/me/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 19
debug1: Host 'metafoundry.he.net' is known and matches the DSA host key.
debug1: Found key in /home/me/.ssh/known_hosts:19
debug1: bits set: 545/1024
debug1: ssh_dss_verify: signature correct
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: next auth method to try is publickey
debug1: userauth_pubkey_agent: testing agent key /home/me/.ssh/id_dsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: authentications that can continue: publickey,password
debug3: clear_auth_state: key_free 0x8090b90
debug1: userauth_pubkey_agent: testing agent key /home/me/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: authentications that can continue: publickey,password
debug3: clear_auth_state: key_free 0x8091198
debug2: userauth_pubkey_agent: no more keys
debug2: userauth_pubkey_agent: no message sent
debug1: try privkey: /home/me/.ssh/identity
debug3: no such identity: /home/me/.ssh/identity
debug1: try pubkey: /home/me/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: authentications that can continue: publickey,password
debug2: userauth_pubkey_agent: no more keys
debug2: userauth_pubkey_agent: no message sent
debug1: try pubkey: /home/me/.ssh/id_dsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: authentications that can continue: publickey,password
debug2: userauth_pubkey_agent: no more keys
debug2: userauth_pubkey_agent: no message sent
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: next auth method to try is password
me@away2.com's password:
