Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
storage> uname -a
Linux storage 2.4.22-uc0 #458 Tue Apr 3 01:09:49 CST 2007 ppc unknown
storage> ssh -v
OpenSSH_4.2p1, OpenSSL 0.9.7e 25 Oct 2004
storage> ls -la /etc/ssh
drwxr-xr-x 2 root root 1024 May 28 03:23 .
drwxr-xr-x 8 root root 2048 May 28 03:13 ..
-rw------- 1 root root 1192 May 28 03:12 ssh_host_dsa_key
-rw-r--r-- 1 root root 1114 May 28 03:12 ssh_host_dsa_key.pub
-rw------- 1 root root 975 May 28 03:03 ssh_host_key
-rw-r--r-- 1 root root 639 May 28 03:03 ssh_host_key.pub
-rw------- 1 root root 1675 May 28 03:05 ssh_host_rsa_key
-rw-r--r-- 1 root root 394 May 28 03:05 ssh_host_rsa_key.pub
-rw-r--r-- 1 root root 2974 May 28 03:23 sshd_config
-rw-r--r-- 1 root root 2961 May 28 03:27 sshd_config_org
-rw-r--r-- 1 root root 2977 May 28 03:23 sshd_config_save
my sshd configuration:
# vi etc/ssh/sshd_config
# $OpenBSD: sshd_config,v 1.72 2005/07/25 11:59:40 markus Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.
# HostKey for protocol version 1
# HostKeys for protocol version 2
# Lifetime and size of ephemeral version 1 server key
# obsoletes QuietMode and FascistLogging
#now ssh is only used by rsync ==> auth by passwd file of rsync server
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
# similar for protocol version 2
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
# Don't read the user's ~/.rhosts and ~/.shosts files
# To disable tunneled clear text passwords, change to no here!
# Change to no to disable s/key passwords
# Kerberos options
# GSSAPI options
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication mechanism.
# Depending on your PAM configuration, this may bypass the setting of
# PasswordAuthentication, PermitEmptyPasswords, and
# "PermitRootLogin without-password". If you just want the PAM account and
# session checks to run without PAM authentication, then enable this but set
# no default banner path
# override default of no subsystems
Subsystem sftp /usr/libexec/sftp-server
I tried to remove /root/.ssh/known_hosts
and regenerate all keys:
Hmm... I'm not very knowledgeable on this problem, but I just checked my /etc/ssh/sshd_config and every line was commented out, and I did not have /root/.ssh at all. Perhaps you can try that for troubleshooting?
Distribution: Caldera, CTOS, Debian, FreeBSD, Mac OS X, Mandrake, Minix, OpenBSD, Slackware, SuSE
I used your sshd_config file, tried root ssh connection to localhost, and got the same results as you. After trial and error, I was finally able to login. This is what I did:
# cd ~/.ssh
# ssh-keygen -t rsa
no passphrase entered for key
# cp id_rsa.pub authorized_keys
# chmod 600 authorized_keys
# ssh -v localhost
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug1: Offering public key: /root/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 277
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
Last login: Mon May 28 11:59:48 2007 from localhost
If you enter a passphrase when you create your ssh key, you will be prompted to enter it when connecting via ssh.
The #AuthorizedKeysFile .ssh/authorized_keys entry is the default for where your public key is searched. If you don't copy your public key as I did in the above steps, you can have AuthorizedKeysFile .ssh/id_rsa.pub instead. Reference man sshd_config.
If you run sshd in debug mode, you'll see what it's looking for:
debug1: trying public key file /root/.ssh/authorized_keys
debug1: matching key found: file /root/.ssh/authorized_keys, line 1
debug1: trying public key file /root/.ssh/id_rsa.pub
debug1: matching key found: file /root/.ssh/id_rsa.pub, line 1