LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 02-10-2010, 06:24 AM   #1
uncle-c
Member
 
Registered: Oct 2006
Location: The Ether
Distribution: Ubuntu 16.04.7 LTS, Kali, MX Linux with i3WM
Posts: 299

Rep: Reputation: 30
SSH login problem for additional users after password-less login setup


Hi folks,
I've set up password-less login for user1 on a Ubuntu machine to login automatically into a Fedora box using the publickey authentication method. Everything is working smoothly. Now, there is a user2 on Fedora but he does not have an account on Ubuntu. I tried to login as user2 from Ubuntu to but got the following error :

Code:
user1@Ubuntu:~$ ssh user2@192.168.xxx.xxx
Permission denied (publickey,gssapi-with-mic).
user1@Ubuntu:~$
Predictably neither scp or sftp work either. I have several questions as a result.

1.Is the SSH server rejecting user2 login because I am inadvertently using user1 keys (as I am logged in as user1) ?

2. Do I need to have a user2 account on Ubuntu and public/private key authentication setup with Fedora for user2 to be able to login ?

3. Is there a method I can use to password login as user2 from Ubuntu to Fedora (even though there is no user2 account on Ubuntu) AND still keep password-less login for user1 or do I have to have password-less login for both ?

At present the only way to access the user2 account from Ubuntu is to SSH using the user1 account and then su to user2.

Thanks
C

Last edited by uncle-c; 02-10-2010 at 06:39 AM.
 
Old 02-10-2010, 07:15 AM   #2
eyemole80
Member
 
Registered: Jun 2004
Distribution: Fedora Core 1
Posts: 47
Blog Entries: 1

Rep: Reputation: 16
You should had get the password prompt for user2.
Check sshd_config file in fedora if you have enabled any access controls?

Also try ruuning following command which will reveal more information.

ssh -v user2@192.168.xxx.xxx
 
Old 02-10-2010, 09:42 AM   #3
uncle-c
Member
 
Registered: Oct 2006
Location: The Ether
Distribution: Ubuntu 16.04.7 LTS, Kali, MX Linux with i3WM
Posts: 299

Original Poster
Rep: Reputation: 30
Here is the output from ssh -v user2@192.168.xxx.xxx

Code:
OpenSSH_5.1p1 Debian-3ubuntu1, OpenSSL 0.9.8g 19 Oct 2007
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 192.168.xxx.xxx [192.168.xxx.xxx] port 22.
debug1: Connection established.
debug1: identity file /home/USER1/.ssh/identity type -1
debug1: identity file /home/USER1/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /home/USER1/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1
debug1: match: OpenSSH_5.1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.1p1 Debian-3ubuntu1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '192.168.x.xxx' is known and matches the RSA host key.
debug1: Found key in /home/USER1/.ssh/known_hosts:4
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-with-mic
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure.  Minor code may provide more information
No credentials cache found

debug1: Unspecified GSS failure.  Minor code may provide more information
No credentials cache found

debug1: Unspecified GSS failure.  Minor code may provide more information


debug1: Next authentication method: publickey
debug1: Offering public key: /home/USER1/.ssh/id_rsa
debug1: Authentications that can continue: publickey,gssapi-with-mic
debug1: Trying private key: /home/USER1/.ssh/identity
debug1: Trying private key: /home/USER1/.ssh/id_dsa
debug1: No more authentication methods to try.
Permission denied (publickey,gssapi-with-mic).
HTH
 
Old 02-10-2010, 12:51 PM   #4
uncle-c
Member
 
Registered: Oct 2006
Location: The Ether
Distribution: Ubuntu 16.04.7 LTS, Kali, MX Linux with i3WM
Posts: 299

Original Poster
Rep: Reputation: 30
Thanks eyemole.Managed to sort out the problem, it was an edit I had made to the sshd_config file when I had set up passwordless login for user1. To allow for others users to login using passwords I had to make the following change in the sshd_config file


# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
PasswordAuthentication no

to

# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
PasswordAuthentication yes
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
SSH Problem - Can't login using Hostname, can login using ip address jqweezy Linux - Networking 7 01-26-2009 02:21 PM
problem disabling SSH password login on suse 11 dasy2k1 Linux - Security 1 09-25-2008 07:03 PM
ssh login without password shishirkotkar Linux - Software 2 04-12-2008 04:27 PM
ssh login without password centos1986 Linux - Security 1 05-01-2007 07:45 AM
SSH Login with no password mperkel Linux - Security 3 01-16-2007 08:42 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 06:14 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration