Solved

ssh rsa key issue in rhel5 and 6

Posted on 2013-05-22
9
767 Views
Last Modified: 2013-06-22
Hi

My machine rsa key is not working ....showing some kerberos issue while connecting via secure crt tool please help
0
Comment
Question by:apunkabollywood
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
9 Comments
 
LVL 20

Accepted Solution

by:
Daniel McAllister earned 400 total points
ID: 39189120
SecureCRT is an SSH tool. If it is reporting an RSA key failure, it is most likely because the RSA key being used at one end or the other has either been changed or has expired.

Suggest you look through the discussion at
http://forums.vandyke.com/archive/index.php/t-2185.html

The idea of an RSA key is that the two ends each have an encryption key that they use to talk to each other. If either key gets changed (or corrupted), or expires, then the connection is marked as invalid.

I hope the link is able to help...

Dan
IT4SOHO
0
 

Author Comment

by:apunkabollywood
ID: 39190143
This is the reason and log of trace option

[LOCAL] : RECV : USERAUTH_FAILURE, continuations [publickey,gssapi-with-mic,password]
[LOCAL] : SENT : USERAUTH_REQUEST [publickey (ssh-dss) - unsigned,fingerprint: 1a:ca:c8:c5:3e:f0:43:ad:f9:c8:41:3d:9d:28:e9:55]
[LOCAL] : RECV : USERAUTH_FAILURE, continuations [publickey,gssapi-with-mic,password]
[LOCAL] : SENT : USERAUTH_REQUEST [publickey (ssh-dss) - unsigned,agent,fingerprint: 1a:ca:c8:c5:3e:f0:43:ad:f9:c8:41:3d:9d:28:e9:55]
[LOCAL] : RECV : USERAUTH_FAILURE, continuations [publickey,gssapi-with-mic,password]
[LOCAL] : GSS SPN : host@server
[LOCAL] : [SSPI/1.2.840.113554.1.2.2] : Authentication could not be started.
[LOCAL] : [SSPI/1.2.840.113554.1.2.2] : The specified target is unknown or unreachable  
[LOCAL] : GSS : All available mechanisms failed.
[LOCAL] : SEND: Disconnect packet: Unable to authenticate using any of the configured authentication methods.  
[LOCAL] : Changing state from STATE_CONNECTION to STATE_SEND_DISCONNECT
[LOCAL] : RECV: TCP/IP close
[LOCAL] : Changing state from STATE_SEND_DISCONNECT to STATE_CLOSED
[LOCAL] : Connected for 15 seconds, 2603 bytes sent, 2436 bytes received
[LOCAL] : Stream has closed [CLOSE_TYPE_NONSPECIFIC] : The client has disconnected from the server.  Reason: Unable to authenticate using any of the configured authentication methods.  

The client has disconnected from the server.  Reason:
Unable to authenticate using any of the configured authentication methods.
0
 
LVL 20

Assisted Solution

by:Daniel McAllister
Daniel McAllister earned 400 total points
ID: 39190864
Is it possible you changed your password on one of the machines?
(some of the auth methods tried are sending the auth data on the local system to the remote one).

I'm also assuming you modified the part of the log file where it says you're trying to connect to "host@server" -- which isn't resolving on your source (ssh client) system.

Dan
IT4SOHO
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 5

Assisted Solution

by:1ly4me
1ly4me earned 100 total points
ID: 39193602
You might need some changes on sshd config file to allow remote ssh logins
0
 

Author Comment

by:apunkabollywood
ID: 39198680
i have tried changing password but no it doesnt work ...

@ 1ly4me could you pls list what changes i need to do in sshd config file to allow - i have tried most but still need to confirm
0
 
LVL 20

Expert Comment

by:Daniel McAllister
ID: 39268069
I am glad you found the problem... one thing to add for posterity (that I failed to think of earlier)... if you look through your log (/var/log/messages) you MAY find that your selinux is preventing the sshd daemon from accessing the /etc/passwd file, and thus all authentication may fail.

Dan
IT4SOHO
0

Featured Post

Secure Your Active Directory - April 20, 2017

Active Directory plays a critical role in your company’s IT infrastructure and keeping it secure in today’s hacker-infested world is a must.
Microsoft published 300+ pages of guidance, but who has the time, money, and resources to implement? Register now to find an easier way.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
AWS EC2 HTTP & HTTPS 2 68
I NEED A "BARE" LINUX ... 9 84
Redhat upgrade 1 47
Equivalent of WSUS for Solaris, AIX and Cisco devices 11 64
Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

735 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question