[SOLVED] SSH Connection being prompted for a password
Red HatThis forum is for the discussion of Red Hat Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have a Solaris 10 client connecting to a RHEL 6.x server. I have the below configured in my sshd_config, but my client continues to get prompted for a password:
Protocol 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
PermitRootLogin no
StrictModes no
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile /home/%u/.ssh/authorized_keys
/etc/ssh/ssh_known_hosts
RhostsRSAAuthentication no
HostbasedAuthentication no
IgnoreRhosts yes
PermitEmptyPasswords no
PasswordAuthentication yes
ChallengeResponseAuthentication no
GSSAPIAuthentication no
GSSAPICleanupCredentials no
UsePAM yes
Ciphers aes128-ctr,aes192-ctr,aes256-ctr
MACs hmac-sha1
Despite having PubkeyAuthentication yes I'm seeing:
Authentications that can continue: password
Instead of:
Authentications that can continue: publickey,password
The perms on the user home directory and .ssh are 700, and the authorized_keys is 600. All are also owned by the user.
I was also able to use the client's private key on the server to connect from my server into itself and was able to authenticate without being prompted for a password.
Can you check the ssh_config on the Solaris machine?
Are you sure that you have properly moved and placed the pub key from the Solaris box onto the RH box?
Have you tried ssh with -vvv on the client side, and check the connection trace from ssh on the RH side?
It turns out that the firewall on the Solaris client side was configured to do protocol filtering,
but once changed to packet filtering everything worked!
So, protocol filtering allowed the connection, but disabled key authentication?
Not the behavior I would have expected. Thank you for sharing that! I will add that to my list of things to watch out for.
Imagine our firewall guy's reaction! He was 100% sure the firewall had no impact on this. I had to send him an error message that referenced the firewall after I disabled PasswordAuthentication.
To be certain we had him change the setting back to protocol filtering and it prompted for a password again.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.