LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
LinkBack Search this Thread
Old 06-23-2004, 11:39 AM   #1
eayars
LQ Newbie
 
Registered: Jun 2004
Location: Chico, CA
Distribution: Debian, Mac OS X
Posts: 2

Rep: Reputation: 0
ssh id_dsa.pub works on one machine, but not another


This may technically be a Mac OS X question, but I can't find a Mac help forum with enough expertise with ssh to answer this one, so I'm asking here and hoping for the best.

My home network consists of two G4 laptops and an older blue G3 tower that I use as a printer- and file-server. The laptops are wireless, the desktop is wired: all connect through a 2Wire DSL modem/hub. Laptop A is running OS 10.3.4, Laptop B and the G3 are running 10.2.something, and are at the same patchlevel.

I am trying to use rsync to back up the laptops to the G3, and need to be able to ssh to the G3 without password authentication so that cron can do it for me in the wee hours of the morning. Easy enough: put id_dsa.pub in $HOME/.ssh/authorized_keys, etc.

Laptop B does fine, and connects to the G3 without a password, so I know it's possible with the G3's configuration. Laptop A, however, ends up still needing password authentication when I ssh to the G3.

Here's where things get weird: Just for fun, I added laptop A's id_dsa.pub to laptop B's $HOME/.ssh/authorized_keys, and I can connect A to B without a password. B and the G3 are running identical systems, and A can connect to B but not the G3. When I ssh -vvv on each, everything is the same until:

A% ssh -vvv user@B gives
...
debug1: Offering public key: /Users/eayars/.ssh/id_dsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-dss blen 433 lastkey 0x300b20 hint 2
(connects.)

A% ssh -vvv user@G3 gives
...
debug1: Offering public key: /Users/eayars/.ssh/id_dsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug3: userauth_kbdint: disable: no info_req_seen
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred:
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
(asks for password.)

Both B and the G3 are running OpenSSH_3.4p1, A is running OpenSSH_3.6.1p1.
/etc/ssh_config is identical on both B and the G3.
/etc/sshd_config is identical on both B and the G3.
Permissions on .ssh/ are 4755 on both B and the G3.
Permissions on .ssh/authorized_keys are 600 on both B and the G3.
.ssh/authorized_keys is identical on both B and the G3.

Obviously something is different between B and the G3, but I'm at a loss. What do I check next?

Thanks,
Eric
 
Old 06-23-2004, 01:24 PM   #2
eayars
LQ Newbie
 
Registered: Jun 2004
Location: Chico, CA
Distribution: Debian, Mac OS X
Posts: 2

Original Poster
Rep: Reputation: 0
Update: I installed id_dsa in .ssh/authorized_keys for two different users on the G3. Both users have "administrator" priviledges, one user is uid 501, the other is uid 502. I can ssh without password to the second one, but not the first. Of course, it's the first that I need... :-(

What differences could there be between two users that might cause this behavior? I'm really at a loss, here...

Eric
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Can't login with ssh pub keys fisayo Mandriva 2 11-17-2005 07:12 PM
ssh connection from a Windows machine to a Linux machine pistachio Linux - Networking 1 08-30-2005 10:45 AM
how to open a dilog on local machine when i do ssh to remote machine fahad26 Programming 3 05-03-2005 07:39 PM
SSH: multiple id_rsa and id_rsa.pub scheme workable? glock27linux Linux - Security 1 11-15-2003 11:58 AM
Apache works on local machine, not LAN lanzdale Linux - Software 3 09-02-2003 09:16 PM


All times are GMT -5. The time now is 02:35 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration