LinuxQuestions.org


mahesh manakawad 06-06-2012 02:28 AM

ssh-keygen not working
 
Hello Everyone,

I'm trying to communicate using the ssh command. I did the following:

1. ssh-keygen -q -t rsa -N '' -f ~/.ssh/id_rsa
2. scp ~/.ssh/id_rsa.pub xxxxxx@x.x.x.x:~/.ssh/id_rsa.pub
3. ssh xxxxxx@x.x.x.x "mkdir -p ~/.ssh;chmod 700 ~/.ssh;touch ~/.ssh/authorized_keys;cat ~/id_rsa.pub >> ~/.ssh/authorized_keys"
4. ssh-add
5. ssh -v xxxxxx@x.x.x.x

I'm getting the following error:


*********************ERROR*********************************
OpenSSH_5.3p1 Debian-3ubuntu3, OpenSSL 0.9.8k 25 Mar 2009
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to x.x.x.x [x.x.x.x] port 22.
debug1: Connection established.
debug1: identity file ~/.ssh/identity type -1
debug1: identity file ~/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file ~/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.8p1 Debian-1ubuntu3
debug1: match: OpenSSH_5.8p1 Debian-1ubuntu3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'x.x.x.x' is known and matches the RSA host key.
debug1: Found key in ~/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering public key: ~/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Offering public key: ~/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Offering public key: ~/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Offering public key: ~/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Offering public key: ~/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Offering public key: ~/.ssh/id_rsa
Received disconnect from x.x.x.x: 2: Too many authentication failures for xxxxxx


Please help me resolve it.
Sorry for my English

Thank you

evo2 06-06-2012 03:29 AM

Hi,

It's a little difficult to follow how you are trying to copy your public key to the remote host. Is there any reason you are not using ssh-copy-id to do this for you?

If it still does not work, are you able to read the /var/log/auth.log on the remote machine? If so you should be able to get more information about what is happening.

Evo2.

mahesh manakawad 06-06-2012 03:55 AM

Hi evo2,

Thanks for the quick reply.

As you told me to search /var/log/auth.log, I got the following error:

Jun 6 14:00:50 ilantian-Desktop sshd[32302]: last message repeated 5 times
Jun 6 14:00:50 ilantian-Desktop sshd[32345]: Authentication refused: bad ownership or modes for directory /home/ilantian
Jun 6 14:02:12 ilantian-Desktop sshd[32345]: last message repeated 5 times
Jun 6 14:03:37 ilantian-Desktop sshd[32446]: Accepted password for ilantian from 192.168.6.47 port 47279 ssh2
Jun 6 14:03:37 ilantian-Desktop sshd[32446]: pam_unix(sshd:session): session opened for user ilantian by (uid=0)

Can you please help me to solve it?
Thank you once again

evo2 06-06-2012 04:46 AM

Hi,

This looks like it could be the problem.
Code:

Jun 6 14:00:50 ilantian-Desktop sshd[32345]: Authentication refused: bad ownership or modes for directory /home/ilantian

What are the directory permissions?
Code:

ls -ld /home/ilantian

You should probably also check the permissions in your ~/.ssh

Evo2.

mahesh manakawad 06-06-2012 04:52 AM

Permission for .ssh is 700 and for authorized_keys is 644.

One more thing I found is that for another user I followed the same procedure and there it is working perfectly, and that user has admin privileges.
I don't know why it is not working for this user.

evo2 06-06-2012 05:14 AM

Hi,

The error in the log was about permissions and/or ownership of /home/ilantian. What is the output of:
Code:

ls -ld /home/ilantian

Evo2.

mahesh manakawad 06-06-2012 05:17 AM

Hi evo2,
This is the output from the command

ls -ld /home/ilantian

drwxr-xr-x 32 ilantian ilantian 4096 2012-06-06 15:15 /home/ilantian

evo2 06-06-2012 05:35 AM

Hi,

Hmm, this is strange. I would have put money on /home/ilantian being all or group writeable. Can you confirm that the "ls -ld /home/ilantian" output you posted is really on the remote host, not the local host?

Evo2.

mahesh manakawad 06-06-2012 05:40 AM

Output from remote machine for

ls -ld /home/ilantian


drwxrwxrwx 22 ilantian ilantian 4096 2012-06-06 15:04 /home/ilantian

evo2 06-06-2012 05:47 AM

Quote:

Originally Posted by mahesh manakawad (Post 4696725)
Output from remote machine for

ls -ld /home/ilantian


drwxrwxrwx 22 ilantian ilantian 4096 2012-06-06 15:04 /home/ilantian

Ick. Well, there is your problem, just as sshd logged to auth.log. It is both all and group writeable.
Code:

chmod go-w /home/ilantian

Should do the trick.

Evo2.
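
An added example, not part of the thread: a simplified approximation of the ownership and mode test that produced the "bad ownership or modes for directory" line in auth.log, applied to the three paths discussed above. The function name, the `demo` helper and its temporary directory are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Approximates sshd's StrictModes test:
# home, ~/.ssh and authorized_keys must be owned by the account (or root)
# and must not be group- or other-writable.
# Usage: check_strictmodes NUMERIC_UID HOME_DIR   (returns 0 = ok, 1 = refused)
check_strictmodes() {
    uid=$1 home=$2 rc=0
    for p in "$home" "$home/.ssh" "$home/.ssh/authorized_keys"; do
        # A missing file is not a StrictModes error, but key login cannot work.
        [ -e "$p" ] || { echo "missing: $p" >&2; rc=1; continue; }
        line=$(ls -ldn "$p")                          # -n: numeric uid/gid
        mode=$(printf '%s\n' "$line" | cut -c1-10)    # e.g. drwxrwxrwx
        owner=$(printf '%s\n' "$line" | awk '{print $3}')
        case $mode in
            ?????w*|????????w*)   # column 6 = group write, column 9 = other write
                echo "group/other writable: $mode $p (fix: chmod go-w)" >&2
                rc=1 ;;
        esac
        if [ "$owner" != "$uid" ] && [ "$owner" != 0 ]; then
            echo "bad owner: uid $owner on $p" >&2
            rc=1
        fi
    done
    return "$rc"
}

# Constructed sample: a throwaway "home" with the thread's drwxrwxrwx mode,
# checked before and after the go-w fix. Prints "<before> <after>".
demo() {
    d=$(mktemp -d); mkdir "$d/.ssh"; : > "$d/.ssh/authorized_keys"
    chmod 700 "$d/.ssh"; chmod 644 "$d/.ssh/authorized_keys"; chmod 777 "$d"
    before=0; check_strictmodes "$(id -u)" "$d" || before=$?
    chmod go-w "$d"
    after=0; check_strictmodes "$(id -u)" "$d" || after=$?
    rm -rf "$d"
    echo "$before $after"
}

# Run as: sh script.sh "$(id -u ilantian)" /home/ilantian
[ "$#" -ne 2 ] || check_strictmodes "$1" "$2"
```

Run it on the remote host, since that is where sshd evaluates these paths; diagnostics go to stderr and the exit status says whether key login would be refused.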

mahesh manakawad 06-06-2012 05:57 AM

Hurray :)

Thank you evo2, that's working fine. One more problem I'm facing is this:

I created a Java application which runs a Linux command to log in, and when I want to change another user's password it gives this error:

"sudo: no tty present and no askpass program specified[sudo] password for ilantian"

Can you figure out what the problem is?
Thank you

evo2 06-06-2012 06:05 AM

Hi,

Glad you fixed your ssh problem.

Regarding your other problem: sudo needs a password but there is no tty (e.g. terminal) for one to be entered in, so it gives that error. It gives a huge hint: "no askpass program specified". If you check the sudo man page you will see that you can either give it a -A option with the path to something like ssh-askpass, or you can set it in a /etc/sudo.conf config file.

Cheers,

Evo2.

mahesh manakawad 06-06-2012 06:59 AM

Thank you evo2

once again for your useful support.

