Solved

SSH 3.2

Posted on 2002-07-13
Last Modified: 2012-05-04
Dear all,

I had downloaded the ssh 3.2 and completed the configure, make and make install session in 7.2 Linux box. There is no problem during the source code installation. However when I try to set up the auth method with

1) using key exchange in between external email server and internal email server

2) no need to type any password

Here is the problem : =====

Under the internal server and type

When I run ssh external server
it always request the password of external server

try
1) ssh -v external server
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Seeding random number generator
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 0 geteuid 0 anon 1
debug1: Connecting to apmailgate02 [202.65.2.135] port 22.
debug1: temporarily_use_uid: 0/0 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 0/0 (e=0)
debug1: restore_uid
debug1: Connection established.
debug1: read PEM private key done: type DSA
debug1: read PEM private key done: type RSA
debug1: identity file /root/.ssh/identity type 0
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version 3.2.0 SSH Secure Shell (non-commercial)
debug1: no match: 3.2.0 SSH Secure Shell (non-commercial)
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_2.9p2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: dh_gen_key: priv key bits set: 140/256
debug1: bits set: 521/1024
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
debug1: Host 'apmailgate02' is known and matches the DSA host key.
debug1: Found key in /root/.ssh/known_hosts2:1
debug1: bits set: 505/1024
debug1: len 55 datafellows 0
debug1: ssh_dss_verify: signature correct
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue: publickey,password
debug1: next auth method to try is publickey
debug1: try privkey: /root/.ssh/id_rsa
debug1: try privkey: /root/.ssh/id_dsa
debug1: next auth method to try is password

How can I fix this ?
debug1: try privkey: /root/.ssh/id_rsa
debug1: try privkey: /root/.ssh/id_dsa

Ed
Question by:edmundli
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7152092
sounds like you do not have
     /root/.ssh/id_rsa or /root/.ssh/id_dsa

did you run
     ssh-keygen -t rsa
     ssh-keygen -t dsa
0
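The reading of the `ssh -v` output that the comment above relies on, as an added example that is not part of the thread: it separates "no private key could be read", "key read but not accepted" and "server does not offer publickey". The function names and the second and third sample logs are constructed; it assumes the OpenSSH 2.9p2 message wording shown in the question, where a key that is actually read logs `read PEM private key done`.

```python
import re

# Constructed sample: an excerpt of the `ssh -v` output quoted in the question.
QUESTION_LOG = """\
debug1: read PEM private key done: type DSA
debug1: read PEM private key done: type RSA
debug1: identity file /root/.ssh/identity type 0
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: authentications that can continue: publickey,password
debug1: next auth method to try is publickey
debug1: try privkey: /root/.ssh/id_rsa
debug1: try privkey: /root/.ssh/id_dsa
debug1: next auth method to try is password
"""

# Constructed counter-example: the key file is read, yet the client still
# moves on to password, so the server did not accept that key.
REJECTED_LOG = """\
debug1: identity file /root/.ssh/id_dsa type -1
debug1: authentications that can continue: publickey,password
debug1: next auth method to try is publickey
debug1: try privkey: /root/.ssh/id_dsa
debug1: read PEM private key done: type DSA
debug1: authentications that can continue: publickey,password
debug1: next auth method to try is password
"""

# Constructed: a server limited to the methods in the posted sshd2_config
# line "AllowedAuthentications hostbased,password".
NOT_OFFERED_LOG = """\
debug1: authentications that can continue: hostbased,password
debug1: next auth method to try is password
"""

IDENTITY = re.compile(r"identity file (\S+) type (-?\d+)")
OFFERED = re.compile(r"authentications that can continue: (\S+)", re.I)
NEXT_METHOD = re.compile(r"next auth method to try is (\S+)")
TRY_PRIVKEY = re.compile(r"try privkey: (\S+)")
KEY_READ = "read PEM private key done"


def parse(log):
    """Collect the authentication-relevant facts from `ssh -v` output."""
    facts = {"no_pubkey": [], "offered": [], "tried": [], "keys": {}}
    current = None  # private key path the client is currently trying
    for line in log.splitlines():
        if m := IDENTITY.search(line):
            # type -1: no public key could be loaded for this identity path
            if m.group(2) == "-1":
                facts["no_pubkey"].append(m.group(1))
        elif m := OFFERED.search(line):
            if not facts["offered"]:          # keep the server's first offer
                facts["offered"] = m.group(1).split(",")
            current = None
        elif m := NEXT_METHOD.search(line):
            facts["tried"].append(m.group(1))
            current = None
        elif m := TRY_PRIVKEY.search(line):
            current = m.group(1)
            facts["keys"][current] = False    # not read until proven otherwise
        elif KEY_READ in line and current is not None:
            # Key-read lines seen before any "try privkey" are ignored:
            # they do not belong to a user identity being tried.
            facts["keys"][current] = True
    return facts


def diagnose(log):
    """Return (code, detail) findings explaining a fall-back to password."""
    facts = parse(log)
    findings = []
    if facts["offered"] and "publickey" not in facts["offered"]:
        findings.append(("PUBLICKEY_NOT_OFFERED", ",".join(facts["offered"])))
    moved_on = bool(facts["tried"]) and facts["tried"][-1] != "publickey"
    for path, was_read in facts["keys"].items():
        if not was_read:
            findings.append(("NO_PRIVATE_KEY", path))
        elif moved_on:
            findings.append(("KEY_NOT_ACCEPTED", path))
    return findings


if __name__ == "__main__":
    for code, detail in diagnose(QUESTION_LOG):
        print(code, detail)
```
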
 

Author Comment

by:edmundli
ID: 7152233

I do not,

I did try to recreate the pub and private key by using

 # rm /etc/ssh2/hostkey*
 # ssh-keygen2 -P /etc/ssh2/hostkey

A bit confusing.

How do I use this ?

Edmund
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7152605
what? I'm confused ...

You need to re-create *your* secret/public key-pair, where you add the public key to the authorized_keys file on the remote host. see my suggested commands.
0
 
LVL 38

Expert Comment

by:yuzh
ID: 7153315
Hi edmundli,

  I have to install prngd (PRNGD is a Pseudo Random Number
Generator Daemon) and run it in the background.

  Just do a search for prngd on the Web for your version of OS.

  OpenSSH 3.x does require prngd to be running in the background; maybe you can find it from where you downloaded
the ssh package.
0
 

Author Comment

by:edmundli
ID: 7153468

Here is my external server

modify sshd ====

#!/bin/sh
#
# ssh:       Starts the SSH Server
#
# Version:      @(#) /etc/init.d/sshd 2.0
#
# chkconfig: - 98 11
# description: Starts and stops the SSH Server at boot time and shu
#
# processname: sshd
#
# Source function library.
. /etc/init.d/functions

test -f /etc/ssh2/ssh2_config || exit

case "$1" in
'start')
        echo -n "sshd:"
        /local/sbin/sshd2>/dev/null
        if [ $? -eq 0 ]; then
                success
        else
                failure
        fi
        echo
        ;;
'stop')
        echo -n "sshd:"
        PID=`cat /var/run/sshd2_22.pid`;
        test -z $PID && exit
        kill $PID
        if [ $? -eq 0 ]; then
                success
        else
                failure
        fi

        echo
        ;;
*)
        echo "usage: $0 {start|stop}"
        ;;
esac

Here is my external sshd2_config

## sshd2_config
## SSH 3.2 Server Configuration File
##

## General

        HostKeyFile                     hostkey
        PublicHostKeyFile               hostkey.pub
# add identityfile
#       IdentityFile                    identification
        RandomSeedFile                  random_seed
#       BannerMessageFile               /etc/ssh2/ssh_banner_message
#       BannerMessageFile               /etc/issue.net
#
        VerboseMode                     no
#       QuietMode                       no
        SyslogFacility                  AUTH
#       SyslogFacility                  LOCAL7
#       SftpSyslogFacility              LOCAL7

## Network

# Port is not commented out, as it is needed by the example startup
# scripts. Well, the default won't likely change.
        Port                            22
#       ListenAddress                   202.65.2.134
        ResolveClientHostName           no
        RequireReverseMapping           no
        MaxBroadcastsPerSecond          0
#       MaxBroadcastsPerSecond          1
#       NoDelay                         no
#       KeepAlive                       yes
#       MaxConnections                  50
#       MaxConnections                  0
# 0 == number of connections not limited

## Crypto

        Ciphers                         AnyCipher
#       Ciphers                         AnyStdCipher
#       Ciphers                         3des
# Following includes "none" 'cipher':
#       Ciphers                         AnyStd
#
        MACs                            AnyMAC
#       MACs                            AnyStdMAC
# Following includes "none" 'mac':
#       MACs                            AnyStd
#
#       RekeyIntervalSeconds            3600

## User

        PrintMotd                       yes
        CheckMail                       yes
#       StrictModes                     yes
# Specifies 1 hour (you can also use 'w' for week, 'd' for day, 'm' for
#                   minute, 's' for seconds)
#       IdleTimeOut                     1h
# without specifier, the default number is in seconds
#       IdleTimeOut                     3600
#
        UserConfigDirectory             "%D/.ssh2"
#       UserConfigDirectory             "/etc/ssh2/auth/%U"
        AuthorizationFile               authorization
# add the userknownhosts
        UserKnownHosts                  yes
# This variable is set here, because by default it's empty, and so no
# variables can be set. Because of that, we set a few common ones here.
        SettableEnvironmentVars         LANG,LC_(ALL|COLLATE|CTYPE|MONETARY|NUMERIC|TIME),PATH,TERM,TZ

## Tunneling

        AllowX11Forwarding              yes
        AllowTcpForwarding              yes
#       AllowTcpForwardingForUsers      sjl, cowboyneal@slashdot\.org
#       DenyTcpForwardingForUsers       2[[:digit:]]*4,peelo
#       AllowTcpForwardingForGroups     privileged_tcp_forwarders
#       DenyTcpForwardingForGroups      coming_from_outside
#
# Local port forwardings to host 10.1.0.25 ports 143 and 25 are
# allowed for all users in group users.
# Note that forwardings using the name of this host will be allowed (if
# it can be resolved from the DNS).
#
#      ForwardACL allow local .*%users \i10\.1\.0\.25%(143|25)
#
# Local port forwardings requested exactly to host proxy.company.com
# port 8080 are allowed for users that have 's' as first character
# and belong to the group with group id 10:
#
#      ForwardACL allow local s.*%10 proxy\.company\.com%8080
#
# Remote port forwarding is denied for all users to all hosts:
#      ForwardACL deny remote .* .*


## Authentication
## publickey and password allowed by default

        AllowedAuthentications          hostbased,password
#       AllowedAuthentications          publickey,password
#       AllowedAuthentications          hostbased,publickey,password
#       AllowedAuthentications          hostbased,publickey,keyboard-interacti
#       AllowedAuthentications          publickey,hostbased,password
#       RequiredAuthentications         publickey,password
#       LoginGraceTime                  600
#       AuthInteractiveFailureTimeout   2
#
#       HostbasedAuthForceClientHostnameDNSMatch no
        UserKnownHosts                  yes
#
#       AuthPublicKey.MaxSize           0
#       AuthPublicKey.MinSize           0
        AllowAgentForwarding            yes
#
#       AuthKbdInt.NumOptional          0
#       AuthKbdInt.Optional             pam,password
#       AuthKbdInt.Required             password
#       AuthKbdInt.Retries              3
#
#       PermitEmptyPasswords            no
#       PasswordGuesses                 3

## Host restrictions

#       AllowHosts                      localhost, foobar.com, friendly.org
#
## Next one matches with, for example, taulu.foobar.com, tuoli.com, but
## not tuoli1.com. Note that you have to input string "\." when you want it
## to match only a literal dot. You also have to escape "," when you
## want to use it in the pattern, because otherwise it is considered a list
## separator.
##
##     AllowHosts               t..l.\..*
##
## The following matches any numerical IP-address (yes, it is cumbersome)
##
##     AllowHosts               ([[:digit:]]{1\,3}\.){3}[[:digit:]]{1\,3}
##
## Same thing is achieved with using the special prefix "\i" in a
## pattern. This means that the pattern is only used to match
## IP-addresses.
##
## Using the above example:
##
##     AllowHosts               \i.*
##
## You can probably see the difference between the two.
##
## Also, you can use subnet masks, by using prefix "\m"
##
##     AllowHosts               \m127.0/8
## and
##     AllowHosts               \m127.0.0.0/24
##
## would match localhost ("127.0.0.1").
##
#       DenyHosts                       evil\.org, aol\.com
        AllowSHosts                     trusted\.shost\.org
#       DenySHosts                      not\.quite\.trusted\.org
        IgnoreRhosts                    no
        IgnoreRootRHosts                no
# (the above, if not set, is defaulted to the value of IgnoreRHosts)

## User restrictions

#       AllowUsers                      sj.*,s[[:digit:]]*,s(jl|amza)
#       DenyUsers                       skuuppa,warezdude,31373
#       DenyUsers                       don@untrusted\.org
#       AllowGroups                     staff,users
#       DenyGroups                      guest,anonymous
        PermitRootLogin                 yes
#       PermitRootLogin                 nopwd

## Chrooted environment

#       ChRootUsers                     anonymous,ftp,guest
#       ChRootGroups                    sftp,guest

## SSH1 compatibility

        Ssh1Compatibility               yes
        Sshd1Path                       /local/sbin
#
# This is given as argument to sshd1 with "-f" if sshd2 is invoked
# with "-f", otherwise the default configuration for sshd1 is used.
#       Sshd1ConfigFile                 /etc/sshd_config_alternate

## subsystem definitions

# Subsystems don't have defaults, so this is needed here (uncommented).
        subsystem-sftp                  sftp-server
# Also internal sftp-server subsystem can be used.
#       subsystem-sftp                  internal://sftp-server

## Subconfiguration
# There are no default subconfiguration files. When specified the last
# obtained keyword value will prevail. Note that the host specific files
# are read before the user specific files.

# Following matches (from) any host
#
#      HostSpecificConfig .* /etc/ssh2/subconfig/host_ext.example
#
# Following matches to subnet mask:
#
#      HostSpecificConfig \m192.168.0.0/16 /etc/ssh2/subconfig/host_int.exampl
#
# Following matches to users from ssh.com that have two character long
# username or is sjl and belong to group wheel or wheel[0-9]
#
#      UserSpecificConfig (..|sjl)%wheel[[:digit:]]?@ssh\.com /etc/ssh2/subconfig/user.example
#
# Following matches to the user anonymous from any host
#
#      UserSpecificConfig anonymous@.* /etc/ssh2/subconfig/anonymous.example

What I am trying to use

is the hostbased , then password

 AllowedAuthentications          hostbased,password

External server can allow internal server to login background

Regards
Edmund
0
 
LVL 38

Expert Comment

by:yuzh
ID: 7153505
Have a look at your: sshd_config file
for where to put the HostKey, eg I use:

HostKey /etc/ssh2/ssh_host_key
HostKey /etc/ssh2/ssh_host_rsa_key
HostKey /etc/ssh2/ssh_host_dsa_key

(you might put your keys at  /usr/local/etc/)
then run the following commands:

    ssh-keygen -t rsa1 -f /etc/ssh2/ssh_host_key -N ""
    ssh-keygen -t dsa -f /etc/ssh2/ssh_host_dsa_key -N ""
    ssh-keygen -t rsa -f /etc/ssh2/ssh_host_rsa_key -N ""

If you are using /usr/local/etc, just replace /etc/ssh2 with /usr/local/etc.





0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7153727
you don't need prngd on Linux, usually.
Just on OS where there is no trustable /dev/random (like Solaris, IRIX).
You simply can identify this by a message like:
  ClearAllForwardings
  fatal: Not enough entropy in RNG.
The ssh client simply closes the connection before doing any checks at all (which is not the case here).
0
 

Author Comment

by:edmundli
ID: 7154292

when I add

sshd:sshd2[17639]: WARNING: Unrecognized configuration parameter 'HostKey'.
sshd2[17639]: WARNING: Unrecognized configuration parameter 'HostKey'.
sshd2[17639]: WARNING: Unrecognized configuration parameter 'HostKey'.
sshd2[17639]: WARNING: Failed to parse some variables from config file '/etc/ssh2/sshd2_config'.
sshd2[17639]: FATAL: Failed to read config file /etc/ssh2/sshd2_config

It seems that it is wrong config

Edmund
0
 
LVL 38

Expert Comment

by:yuzh
ID: 7154381
Could you please post your original sshd_config file?
and tell me what you just added to the file.
0
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 7154569
BTW, why are you running 3.2?  3.4 is the latest, and 3.2 (and 3.3) have known security holes.
0

 

Author Comment

by:edmundli
ID: 7154731

when I add

sshd:sshd2[17639]: WARNING: Unrecognized configuration parameter 'HostKey'.
sshd2[17639]: WARNING: Unrecognized configuration parameter 'HostKey'.
sshd2[17639]: WARNING: Unrecognized configuration parameter 'HostKey'.
sshd2[17639]: WARNING: Failed to parse some variables from config file '/etc/ssh2/sshd2_config'.
sshd2[17639]: FATAL: Failed to read config file /etc/ssh2/sshd2_config

It seems that it is wrong config

Edmund
0
 

Author Comment

by:edmundli
ID: 7155896
I can not find 3.4 , where do you get this ?
Edmund
0
 

Author Comment

by:edmundli
ID: 7155903
I am using ssh and not openssh.

Here is the config file


## SSH CONFIGURATION FILE FORMAT VERSION 1.1
## REGEX-SYNTAX egrep
## end of metaconfig
## (leave above lines intact!)
## sshd2_config
## SSH 3.2 Server Configuration File
##

## General

        HostKeyFile                     hostkey
        #HostKey                        /etc/ssh2/hostkey
HostKey /etc/ssh/ssh_host_key
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
        PublicHostKeyFile               hostkey.pub
# add identityfile
#       IdentityFile                    identification
        RandomSeedFile                  random_seed
#       BannerMessageFile               /etc/ssh2/ssh_banner_message
#       BannerMessageFile               /etc/issue.net
#
        VerboseMode                     no
#       QuietMode                       no
        SyslogFacility                  AUTH
#       SyslogFacility                  LOCAL7
#       SftpSyslogFacility              LOCAL7

## Network

# Port is not commented out, as it is needed by the example startup
# scripts. Well, the default won't likely change.
        Port                            22
#       ListenAddress                   202.65.2.134
        ResolveClientHostName           no
        RequireReverseMapping           no
        MaxBroadcastsPerSecond          0
#       MaxBroadcastsPerSecond          1
#       NoDelay                         no
#       KeepAlive                       yes
#       MaxConnections                  50
#       MaxConnections                  0
# 0 == number of connections not limited

## Crypto

        Ciphers                         AnyCipher
#       Ciphers                         AnyStdCipher
#       Ciphers                         3des
# Following includes "none" 'cipher':
#       Ciphers                         AnyStd
#
        MACs                            AnyMAC
#       MACs                            AnyStd
#
#       RekeyIntervalSeconds            3600

## User

        PrintMotd                       yes
        CheckMail                       yes
#       StrictModes                     yes
# Specifies 1 hour (you can also use 'w' for week, 'd' for day, 'm' for
#                   minute, 's' for seconds)
#       IdleTimeOut                     1h
# without specifier, the default number is in seconds
#       IdleTimeOut                     3600
#
        UserConfigDirectory             "%D/.ssh2"
#       UserConfigDirectory             "/etc/ssh2/auth/%U"
        AuthorizationFile               authorization
# add the userknownhosts
        UserKnownHosts                  yes
# This variable is set here, because by default it's empty, and so no
# variables can be set. Because of that, we set a few common ones here.

## Tunneling

        AllowX11Forwarding              yes
        AllowTcpForwarding              yes
#       AllowTcpForwardingForUsers      sjl, cowboyneal@slashdot\.org
#       DenyTcpForwardingForUsers       2[[:digit:]]*4,peelo
#       AllowTcpForwardingForGroups     privileged_tcp_forwarders
#       DenyTcpForwardingForGroups      coming_from_outside
#
# Local port forwardings to host 10.1.0.25 ports 143 and 25 are
# allowed for all users in group users.
# Note that forwardings using the name of this host will be allowed (if
# it can be resolved from the DNS).
#
#      ForwardACL allow local .*%users \i10\.1\.0\.25%(143|25)
#
# Local port forwardings requested exactly to host proxy.company.com
# port 8080 are allowed for users that have 's' as first character
# and belong to the group with group id 10:
#
#      ForwardACL allow local s.*%10 proxy\.company\.com%8080
#
# Remote port forwarding is denied for all users to all hosts:
#      ForwardACL deny remote .* .*


## Authentication
## publickey and password allowed by default

        AllowedAuthentications          hostbased,password
#       AllowedAuthentications          publickey,password
#       AllowedAuthentications          hostbased,publickey,password
#       AllowedAuthentications          hostbased,publickey,keyboard-interactiv
#       AllowedAuthentications          publickey,hostbased,password
#       RequiredAuthentications         publickey,password
#       LoginGraceTime                  600
#       AuthInteractiveFailureTimeout   2
#
#       HostbasedAuthForceClientHostnameDNSMatch no
        UserKnownHosts                  yes
#
#       AuthPublicKey.MaxSize           0
#       AuthPublicKey.MinSize           0
        AllowAgentForwarding            yes
#
#       AuthKbdInt.NumOptional          0
#       AuthKbdInt.Optional             pam,password
#       AuthKbdInt.Required             password
#       AuthKbdInt.Retries              3
#
#       PermitEmptyPasswords            no
#       PasswordGuesses                 3

## Host restrictions

#       AllowHosts                      localhost, foobar.com, friendly.org
#
## Next one matches with, for example, taulu.foobar.com, tuoli.com, but
## not tuoli1.com. Note that you have to input string "\." when you want it
## to match only a literal dot. You also have to escape "," when you
## want to use it in the pattern, because otherwise it is considered a list
## separator.
##
##     AllowHosts               t..l.\..*
##
## The following matches any numerical IP-address (yes, it is cumbersome)
##
##     AllowHosts               ([[:digit:]]{1\,3}\.){3}[[:digit:]]{1\,3}
##
## Same thing is achieved with using the special prefix "\i" in a
## pattern. This means that the pattern is only used to match
## IP-addresses.
##
## Using the above example:
##
##     AllowHosts               \i.*
##
## You can probably see the difference between the two.
##
## Also, you can use subnet masks, by using prefix "\m"
##
##     AllowHosts               \m127.0/8
## and
##     AllowHosts               \m127.0.0.0/24
##
## would match localhost ("127.0.0.1").
##
#       DenyHosts                       evil\.org, aol\.com
        AllowSHosts                     trusted\.shost\.org
#       DenySHosts                      not\.quite\.trusted\.org
        IgnoreRhosts                    no
        IgnoreRootRHosts                no
# (the above, if not set, is defaulted to the value of IgnoreRHosts)

## User restrictions

#       AllowUsers                      sj.*,s[[:digit:]]*,s(jl|amza)
#       DenyUsers                       skuuppa,warezdude,31373
#       DenyUsers                       don@untrusted\.org
#       AllowGroups                     staff,users
#       DenyGroups                      guest,anonymous
        PermitRootLogin                 yes
#       PermitRootLogin                 nopwd

## Chrooted environment

#       ChRootUsers                     anonymous,ftp,guest
#       ChRootGroups                    sftp,guest

## SSH1 compatibility

        Ssh1Compatibility               yes
        Sshd1Path                       /local/sbin
#
# This is given as argument to sshd1 with "-f" if sshd2 is invoked
# with "-f", otherwise the default configuration for sshd1 is used.
#       Sshd1ConfigFile                 /etc/sshd_config_alternate

# Subsystems don't have defaults, so this is needed here (uncommented).
        subsystem-sftp                  sftp-server
# Also internal sftp-server subsystem can be used.
#       subsystem-sftp                  internal://sftp-server

## Subconfiguration
# There are no default subconfiguration files. When specified the last
# obtained keyword value will prevail. Note that the host specific files
# are read before the user specific files.

# Following matches (from) any host
#
#      HostSpecificConfig .* /etc/ssh2/subconfig/host_ext.example
#
# Following matches to subnet mask:
#
#      HostSpecificConfig \m192.168.0.0/16 /etc/ssh2/subconfig/host_int.example
#
# Following matches to users from ssh.com that have two character long
# username or is sjl and belong to group wheel or wheel[0-9]
#
#      UserSpecificConfig (..|sjl)%wheel[[:digit:]]?@ssh\.com /etc/ssh2/subconfig/user.example
#
# Following matches to the user anonymous from any host
#
#      UserSpecificConfig anonymous@.* /etc/ssh2/subconfig/anonymous.example


Here is the etc/ssh

[root@apmailgate02 ssh]# ls -l
total 60
-rw-------    1 root     root        26287 Sep  6  2001 primes
-rw-r--r--    1 root     root         1073 Sep  6  2001 ssh_config
-rw-------    1 root     root         1771 Sep  6  2001 sshd_config
-rw-------    1 root     root          668 May  9 17:18 ssh_host_dsa_key
-rw-r--r--    1 root     root          590 May  9 17:18 ssh_host_dsa_key.pub
-rw-------    1 root     root          515 May  9 17:18 ssh_host_key
-rw-r--r--    1 root     root          319 May  9 17:18 ssh_host_key.pub
-rw-------    1 root     root          883 May  9 17:18 ssh_host_rsa_key
-rw-r--r--    1 root     root          210 May  9 17:18 ssh_host_rsa_key.pub

Edmund
Thanks
0
 
LVL 38

Accepted Solution

by:
yuzh earned 100 total points
ID: 7156086
Ok, did you add the following entry to the config file:

HostKey /etc/ssh/ssh_host_key
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
       
If they were added by you, then comment them out and try to run the following command:

/path-to/ssh-keygen -b 1024 -tdsa -P /path-to-sshd2_config/hostkey

If the HostKeys originally came with your sshd2_config, try the following commands:


 ssh-keygen -t rsa1 -f /path-to-sshd2_config/ssh_host_key -N ""

  ssh-keygen -t dsa -f /path-to-sshd2_config/ssh_host_dsa_key -N ""
 
  ssh-keygen -t rsa -f /path-to-sshd2_config/ssh_host_rsa_key -N ""

 

0
 
LVL 20

Expert Comment

by:jmcg
ID: 10329629
No comment has been added lately, so it's time to clean up this TA.
I will leave the following recommendation for this question in the Cleanup topic area:

Accept: yuzh {http:#7156086}

Please leave any comments here within the next four days.
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

jmcg
EE Cleanup Volunteer
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 10332219
disagree,
according to the question the problem was the missing public key of the user, which I answered in my early comment.
Probably the missing, or misconfigured, server key was an additional problem.
I don't see a reason why this is related to the question, except the ssh login was to the server itself (which has never been said).
0
 
LVL 20

Expert Comment

by:jmcg
ID: 10332838
In situations like this, where I can't tell if the asker finally got a solution, I am inclined to recommend the points go to the expert who seemed to be successfully engaging the asker (unless I can see that it's obviously a wild goose chase). Your advice, if followed-up on, would almost certainly have had similar results to what yuzh was doing.
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 10340407
no, no, yuzh's suggestion is not wrong/bad/orwhatever, I just think that it does not solve the initial question, and I cannot see that the question has changed
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 10361470
as long as the questioner does not come back and leave a comment that the graded answer was the solution to the initial question, I'll insist on my previous comments that the wrong suggestion has been graded.
Just in case furture readers are wondering ..

<yuzh>
 you know how to read my comments, for shure ;-)
</yuzh>
0
 
LVL 38

Expert Comment

by:yuzh
ID: 10369600
The problem in this question looks like:

1. missing public key.

    the asker may have forgotten to configure the key, or put the key in the wrong place!

or

2. sshd server misconfigured.

Comment (ID: 7152092) has answered how to create the key.

From comment (ID: 7154292), it shows the asker misconfigured the server, well at least he/she put
the keys in the wrong place (did not match sshd_config configuration).

Comment (ID: 7156086) gives an example of creating keys to match the server configuration.

Since the asker did not get back to us, I don't know which one solved his/her problem, consider
a SPLIT.


 
0
