[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now


SSH error: Method 'publickey' disabled

Posted on 2004-11-28
Medium Priority
Last Modified: 2013-12-06
 I'm configuring ssh between a HP-UX11i (using OpenSSH_3.6.1p2, SSH protocols 1.5/2.0) and  an Alpha Server based on TRU64 using (SSH2, commericial version) but am faced with a slight problem. I have managed to successfully configure ssh connectivity from HP-UX server to TRU64 server but the problem lies from TRU64 to HP-UX. This is what I have done:

(1) Create DSA keys on TRU64 server (i.e ssh-keygen -t dsa..) with empty passphrase. This creates a 2048bit DSA paired private/public key.
(2) Copied the public key to HP-UX server
         - scp ~/.ssh2/id_dsa_2048_a.pub HP-UX:.ssh
(3) Converted the key on HP-UX server
        - ssh-keygen -i -f id_dsa_2048_a.pub >>authorized_keys2 (and also to authorized_keys)
(4) On TRU 64 server I added entry to identification file (IdKey id_dsa_2048_a.pub)

This is all the settings I have done on both the servers but when I test ssh connectivity from TRU64 server to HP-UX server, I still get prompted for password:

ssh -v HP-UX server -l <username>

debug: SshAppCommon/sshappcommon.c:138: Allocating global SshRegex context.
debug: SshConfig/sshconfig.c:2796: Metaconfig parsing stopped at line 3.
debug: SshConfig/sshconfig.c:2704: Unable to open ~/.ssh2/ssh2_config
debug: Connecting to HP-UX, port 22... (SOCKS not used)
debug: Ssh2/ssh2.c:2297: Entering event loop.
debug: Ssh2Client/sshclient.c:1421: Creating transport protocol.
debug: SshAuthMethodClient/sshauthmethodc.c:83: Added "publickey" to usable methods.
debug: SshAuthMethodClient/sshauthmethodc.c:83: Added "keyboard-interactive" to usable methods.
debug: SshAuthMethodClient/sshauthmethodc.c:83: Added "password" to usable methods.
debug: Ssh2Client/sshclient.c:1462: Creating userauth protocol.
debug: client supports 3 auth methods: 'publickey,keyboard-interactive,password'
debug: Ssh2Common/sshcommon.c:529: local ip = TRU64 IP, local port = 1886
debug: Ssh2Common/sshcommon.c:531: remote ip = HP-UX IP, remote port = 22
debug: SshConnection/sshconn.c:1945: Wrapping...
debug: SshReadLine/sshreadline.c:2414: Initializing ReadLine...
debug: Remote version: SSH-2.0-OpenSSH_3.6.1p2
debug: OpenSSH: Major: 3 Minor: 6 Revision: 1
debug: Ssh2Transport/trcommon.c:1517: All versions of OpenSSH handle kex guesses incorrectly.
debug: Ssh2Transport/trcommon.c:1900: lang s to c: `', lang c to s: `'
debug: Ssh2Transport/trcommon.c:1965: c_to_s: cipher aes128-cbc, mac hmac-sha1, compression none
debug: Ssh2Transport/trcommon.c:1968: s_to_c: cipher aes128-cbc, mac hmac-sha1, compression none
debug: Remote host key found from database.
debug: Ssh2Common/sshcommon.c:330: Received SSH_CROSS_STARTUP packet from connection protocol.
debug: Ssh2Common/sshcommon.c:380: Received SSH_CROSS_ALGORITHMS packet from connection protocol.
debug: server offers auth methods 'external-keyx,gssapi,publickey,password,keyboard-interactive'.
debug: Ssh2AuthPubKeyClient/authc-pubkey.c:1590: adding keyfile "/usr/users/prdadm/.ssh2/id_dsa_prdadm_bdun0610" to candidates
debug: server offers auth methods 'external-keyx,gssapi,publickey,password,keyboard-interactive'.
debug: Ssh2AuthClient/sshauthc.c:318: Method 'publickey' disabled.
debug: server offers auth methods 'external-keyx,gssapi,publickey,password,keyboard-interactive'.
debug: server offers auth methods 'external-keyx,gssapi,publickey,password,keyboard-interactive'.
debug: Ssh2AuthPasswdClient/authc-passwd.c:105: Starting password query...
user password:

Permission in .ssh directory for files on HP-UX server are:
-rw------- authorized_keys, authorized_keys2
-rw-r--r--  id_dsa_2048_a.pub
-rw-r--r-- known_hosts

ssh_config file below:
# Configuration data is parsed as follows:
#  1. command line options
#  2. user-specific file
#  3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.

# Site-wide defaults for various options

# Host *
#   ForwardAgent no
#   ForwardX11 no
#   RhostsAuthentication no
#   RhostsRSAAuthentication no
#   RSAAuthentication yes
#   PasswordAuthentication yes
#   HostbasedAuthentication no
#   BatchMode no
#   CheckHostIP yes
#   StrictHostKeyChecking ask
#   IdentityFile ~/.ssh/identity
#   IdentityFile ~/.ssh/id_rsa
#   IdentityFile ~/.ssh/id_dsa
#   Port 22
    Protocol 2
#   Cipher 3des
#   Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
#   EscapeChar ~

ANY IDEAS what I'm doing wrong or what extra I need to do please.


Question by:budrito12
LVL 11

Expert Comment

by:Paul S
ID: 12690773
have you simply tried adding the password after the username in the command to connect?

Expert Comment

ID: 12690931
Have you tried to specify the private key name on the command line?  Like
ssh -i ./.ssh/id_dsa_2048_a  HP-UX-server -l <username>

Author Comment

ID: 12693352
Hi The Computer Guru 777, yes i tried that and am able to connect that way. Jharriss haven't tired that ANYWAY I have managed to solve the problem myself. The problem lied with the permission on the .ssh directory on HP-UX server. This was set to 777 I changed this to 755 and it works now so manythanks for your help.

LVL 51

Expert Comment

ID: 12693734
# in sshd_config (in /etc or /etc/ssh, usually):
PubkeyAuthentication yes

Accepted Solution

modulo earned 0 total points
ID: 13033320
Closed, 125 points refunded.

Community Support Moderator
Experts Exchange

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Java performance on Solaris - Managing CPUs There are various resource controls in operating system which directly/indirectly influence the performance of application. one of the most important resource controls is "CPU".   In a multithreaded…
Sometimes a user will call me frantically, explaining that something has gone wrong and they have tried everything (read - they have messed it up more and now need someone to clean up) and it still does no good, can I help them?!  Usually the standa…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Suggested Courses

868 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question