[SOLVED] Debian Etch SSH rsa authentication problem
Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
to outline what i have :
ubuntu hardy heron ssh-server
debian lenny ssh-server
kde etch ssh-server [initially just a client]
the first test i performed was, create an rsa key from debian etch,
and connect via public key to debian lenny, and it failed with this message
Permission denied. (Public Key)
just to make sure that i did try a variant approach, i enabled password
authentication, and connected via login to lenny still from etch,
and it was successful
but on retry with public key (first with rsa, then with dsa) i got the same result
At which point, i tried a diff. approach, which was why i had the ubuntu. I tested rsa / dsa authentication connections between
debian lenny and ubuntu, both ways, and it worked
After that, I installed ssh-server on Etch, added the public keys from
ubuntu and debian, and have found that i was able to connect
via public key authentication to the etch server.
With everything seemingly working fine.
I recreate public keys on Debian Etch and tried to connect
to either Lenny / Hardy Heron, with no success.
( I did also try Etch to Etch, and failed with the same error. )
Alright, i'm very sorry it took quite a while to follow up on this,
but I had to make sure that I wasn't making an obvious error somewhere,
which at this point I'm convinced I truly have not overlooked anything
With all that said, has anyone out there experienced similar problems
trying to ssh from a Debian Etch?
There are many things that can cause ssh RSA auth failures, as such googling can present you with many answers that won't apply in any given situation. So, a good start is looking at the ssh debug information.
Read /var/log/auth.log on the server, and run the client in verbose mode (ssh -vvv).
If you can't get the answers from the above, the next thing to try is running sshd in debug mode (sshd -d) on the server, and then ssh to that instance of sshd: this will give much more server side debug info than what you normally get in /var/log/auth.log.
Last edited by evo2; 12-15-2009 at 01:15 AM.
To evo2, many thanks. I obviously should have consulted the logs in the first place.
Anyway, what happened was the key generated by the Debian Etch i used was already blacklisted.
i did use a r1 and r3 of etch, and it was the r3 that i set up as ssh server.
naturally the r1's generated key was already in blacklist, but i found it weird that
the r3 generated key was also blacklisted in lenny, even in ubuntu hardy heron.
in any case, for simple test purposes on an isolated lan, PermitBlacklistedKeys yes did the trick.