ssh rsa key issue in rhel5 and 6

Posted on 2013-05-22
Medium Priority
Last Modified: 2013-06-22

My machine rsa key is not working ....showing some kerberos issue while connecting via secure crt tool please help
Question by:apunkabollywood
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
LVL 20

Accepted Solution

Daniel McAllister earned 800 total points
ID: 39189120
SecureCRT is an SSH tool. If it is reporting an RSA key failure, it is most likely because the RSA key being used at one end or the other has either been changed or has expired.

Suggest you look through the discussion at

The idea of an RSA key is that the two ends each have an encryption key that they use to talk to each other. If either key gets changed (or corrupted), or expires, then the connection is marked as invalid.

I hope the link is able to help...


Author Comment

ID: 39190143
This is the reason and log of trace option

[LOCAL] : RECV : USERAUTH_FAILURE, continuations [publickey,gssapi-with-mic,password]
[LOCAL] : SENT : USERAUTH_REQUEST [publickey (ssh-dss) - unsigned,fingerprint: 1a:ca:c8:c5:3e:f0:43:ad:f9:c8:41:3d:9d:28:e9:55]
[LOCAL] : RECV : USERAUTH_FAILURE, continuations [publickey,gssapi-with-mic,password]
[LOCAL] : SENT : USERAUTH_REQUEST [publickey (ssh-dss) - unsigned,agent,fingerprint: 1a:ca:c8:c5:3e:f0:43:ad:f9:c8:41:3d:9d:28:e9:55]
[LOCAL] : RECV : USERAUTH_FAILURE, continuations [publickey,gssapi-with-mic,password]
[LOCAL] : GSS SPN : host@server
[LOCAL] : [SSPI/1.2.840.113554.1.2.2] : Authentication could not be started.
[LOCAL] : [SSPI/1.2.840.113554.1.2.2] : The specified target is unknown or unreachable  
[LOCAL] : GSS : All available mechanisms failed.
[LOCAL] : SEND: Disconnect packet: Unable to authenticate using any of the configured authentication methods.  
[LOCAL] : RECV: TCP/IP close
[LOCAL] : Connected for 15 seconds, 2603 bytes sent, 2436 bytes received
[LOCAL] : Stream has closed [CLOSE_TYPE_NONSPECIFIC] : The client has disconnected from the server.  Reason: Unable to authenticate using any of the configured authentication methods.  

The client has disconnected from the server.  Reason:
Unable to authenticate using any of the configured authentication methods.
LVL 20

Assisted Solution

by:Daniel McAllister
Daniel McAllister earned 800 total points
ID: 39190864
Is it possible you changed your password on one of the machines?
(some of the auth methods tried are sending the auth data on the local system to the remote one).

I'm also assuming you modified the part of the log file where it says you're trying to connect to "host@server" -- which isn't resolving on your source (ssh client) system.

Need protection from advanced malware attacks?

Look no further than WatchGuard's Total Security Suite, providing defense in depth against today's most headlining attacks like Petya 2.0 and WannaCry. Keep your organization out of the news with protection from known and unknown threats.


Assisted Solution

1ly4me earned 200 total points
ID: 39193602
You might need some changes on sshd config file to allow remote ssh logins

Author Comment

ID: 39198680
i have tried changing password but no it doesnt work ...

@ 1ly4me could you pls list what changes i need to do in sshd config file to allow - i have tried most but still need to confirm
LVL 20

Expert Comment

by:Daniel McAllister
ID: 39268069
I am glad you found the problem... one thing to add for posterity (that I failed to think of earlier)... if you look through your log (/var/log/messages) you MAY find that your selinux is preventing the sshd daemon from accessing the /etc/passwd file, and thus all authentication may fail.


Featured Post

Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
The conference as a whole was very interesting, although if one has to make a choice between this one and some others, you may want to check out the others.  This conference is aimed mainly at government agencies.  So it addresses the various compli…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.
Suggested Courses
Course of the Month7 days, 23 hours left to enroll

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question