Hi all,

I have a slackware platform and I'm going to manage the SSH connection between server and client.

I have genereted on my winXP machine into the SSH client the private and public keys and uploaded the last one on the server account using the tool provided by the client. What I see it is a folder named ".ssh2" containing two file:

- authorization // index
- pubkeyname.pub // Key

From the server point of view I have configured the daemon like follow:

# $OpenBSD: sshd_config,v 1.53 2002/05/15 21:02:53 markus Exp $

# This is the sshd server system-wide configuration file. See sshd(8)
# for more information.

# This sshd was compiled with PATH=/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.

Port 22
#Protocol 2,1
Protocol 2
#ListenAddress 0.0.0.0
#ListenAddress ::

# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key

# Lifetime and size of ephemeral version 1 server key
KeyRegenerationInterval 3600
ServerKeyBits 2048

# Logging
#obsoletes QuietMode and FascistLogging
SyslogFacility AUTH
LogLevel INFO

# Authentication:

LoginGraceTime 600
PermitRootLogin yes
#StrictModes yes

RSAAuthentication yes
PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys
AuthorizedKeysFile ~/.ssh2/authorization

# rhosts authentication should not be used
#RhostsAuthentication no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no

# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
PermitEmptyPasswords no


I would like to access on the user account without digit the password using the public key but using this configuration the feedback is:

- Server responded "No further authentication methods available" No more authentication methods available.


What is wrong???? The SSH Client I use is version 3.2.9.

Please answer!!!!!!

Thanks in advance!!!!

Andrea

You might want to show the exact command line on the client that you've used.
Also, did you try running both client ssh program with the "-v" parameter and the sshd daemon on the foreground (with debugging) to see what those programs have to tell you?
For example, are the permission bits on the ~/.ssh2 directory as well as the files contained therein correct?

Eric

I haven't used a command line but the windows widget tool, here the files permissions:

drwx--x--x 3 ciccio users 4096 Oct 7 19:03 ./
drwxr-xr-x 7 root root 4096 Oct 7 16:55 ../
-rw-r--r-- 1 ciccio users 3394 Oct 7 16:55 .screenrc
drwxr-xr-x 2 ciccio users 4096 Oct 7 19:03 .ssh2/
ciccio@pisa1:~$ cd .ssh2/
ciccio@pisa1:~/.ssh2$ ls -al
total 16
drwxr-xr-x 2 ciccio users 4096 Oct 7 19:03 ./
drwx--x--x 3 ciccio users 4096 Oct 7 19:03 ../
-rw-r--r-- 1 ciccio users 1248 Oct 7 15:37 pubkeyname.pub
-rw-r--r-- 1 ciccio users 18 Oct 7 18:03 authorization


Any suggestions??

Thanks,

Andrea

Now that might very well be the cause. The ~/.ssh2 directory must not be read/writable by others than yourself (drwx------).

Also, in the sshd_config, why did you change
?

It might be that the ssh daemon still looks for a .ssh directory for the public key etc, even though you define a directory .ssh2 (but of this I'm not sure).

Fix the permissions first, that may already be enough. Also try running server with a debug option after stopping the running daemon first:
so that you can look at what the daemon tells you when the client connects.


Eric

The problem is that you didn't place your public key inside your authorization file. (~/.ssh2/authorization)

I know that because I see from the file suze that your public key isn't in the file.
-rw-r--r-- 1 ciccio users 1248 Oct 7 15:37 pubkeyname.pub
-rw-r--r-- 1 ciccio users 18 Oct 7 18:03 authorization

So just copy your public key into the file and it should work.

The permission could be more restrictive so that other users can't read your public keys, but they still won't get far as they don't have your private key.