Solved

ssh localhost keeps asking for password

Posted on 2004-09-02
3
2,741 Views
Last Modified: 2013-12-04
Hello,

I've created ssh keys (both rsa and dsa), saved them to authorized_keys and authorized_keys2 files, ran ssh-agent and ssh-add, but when I try to ssh to localhost, I'm still being asked my password.  Here's what I get:

ssh -v -l wtcorrea localhost
OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, OpenSSL 0x0090701f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
debug1: identity file /home/wtcorrea/.ssh/identity type -1
debug1: identity file /home/wtcorrea/.ssh/id_rsa type 1
debug1: identity file /home/wtcorrea/.ssh/id_dsa type 2
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.6.1p2
debug1: match: OpenSSH_3.6.1p2 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.6.1p2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'localhost' is known and matches the RSA host key.
debug1: Found key in /home/wtcorrea/.ssh/known_hosts:8
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering agent key: /home/wtcorrea/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Offering agent key: /home/wtcorrea/.ssh/id_dsa
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Trying private key: /home/wtcorrea/.ssh/identity
debug1: Offering public key: /home/wtcorrea/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Offering public key: /home/wtcorrea/.ssh/id_dsa
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: password
wtcorrea@localhost's password:

I'm running Fedora Core 2, and my .ssh directory looks like this:

drwx------   2 wtcorrea wtcorrea 4096 Sep  2 17:09 ./
drwxrwxr-x  52 wtcorrea wtcorrea 4096 Sep  2 17:09 ../
-rw-------   1 wtcorrea wtcorrea  224 Sep  2 16:55 authorized_keys
-rw-------   1 wtcorrea wtcorrea  604 Sep  2 16:13 authorized_keys2
-rw-------   1 wtcorrea wtcorrea  736 May 25 15:18 id_dsa
-rw-r--r--   1 wtcorrea wtcorrea  604 May 25 15:18 id_dsa.pub
-rw-------   1 wtcorrea wtcorrea  951 Sep  2 16:54 id_rsa
-rw-r--r--   1 wtcorrea wtcorrea  224 Sep  2 16:54 id_rsa.pub
-rw-------   1 wtcorrea wtcorrea 3382 Sep  2 16:20 known_hosts

Any ideas on how to fix this?

Thanks,

Wagner
0
Comment
Question by:wtcorrea
3 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 11970190
When you created the public/private keys did you supply a passphrase at the prompt? If you did you'll always have to enter that passphrase to use the key.
0
 
LVL 23

Accepted Solution

by:
Mysidia earned 75 total points
ID: 11970601
How'd you save them?

the keys need to appear one per line in authorized_keys
if you pasted them into an editor and it wrapped a key over several lines it won't work

also check the permissions of your home directory
  ls -ld /home/user

If anything in the path to /home/user/.ssh/* is group writable (for example) the ssh server may be ignoring the
.ssh directory entirely
0
 
LVL 14

Assisted Solution

by:chris_calabrese
chris_calabrese earned 50 total points
ID: 11972012
As shown in
> drwxrwxr-x  52 wtcorrea wtcorrea 4096 Sep  2 17:09 ../

Your home directory is group writable. Since Mysidia mentioned this issue in general, but not specifically, you should give Mysidia half the points.
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Mitigation for Win 10 user account bypass 8 108
Read-only access for auditors 5 76
Login to computer through Admin Priviligies 9 96
Work with App store 7 53
In today's information driven age, entrepreneurs have so many great tools and options at their disposal to help turn good ideas into a thriving business. With cloud-based online services, such as Amazon's Web Services (AWS) or Microsoft's Azure, bus…
SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…

822 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question