LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Ubuntu
User Name
Password
Ubuntu This forum is for the discussion of Ubuntu Linux.

Notices

Reply
 
Search this Thread
Old 06-06-2012, 02:28 AM   #1
mahesh manakawad
LQ Newbie
 
Registered: May 2012
Posts: 11

Rep: Reputation: Disabled
ssh-keygen not working


Hello Everyone,

I'm trying to communicate using ssh command I did followings

1.ssh-keygen -q -t rsa -N '' -f ~/.ssh/id_rsa
2.scp ~/.ssh/id_rsa.pub xxxxxx@x.x.x.x:~/.ssh/id_rsa.pub
3.ssh xxxxxx@x.x.x.x "mkdir -p ~/.ssh;chmod 700 ~/.ssh;touch ~/.ssh/authorized_keys;cat ~/id_rsa.pub >> ~/.ssh/authorized_keys"
4.ssh-add
5.ssh -v xxxxxx@x.x.x.x I'm getting following error


*********************ERROR*********************************
OpenSSH_5.3p1 Debian-3ubuntu3, OpenSSL 0.9.8k 25 Mar 2009
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to x.x.x.x [x.x.x.x] port 22.
debug1: Connection established.
debug1: identity file ~/.ssh/identity type -1
debug1: identity file ~/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file ~/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.8p1 Debian-1ubuntu3
debug1: match: OpenSSH_5.8p1 Debian-1ubuntu3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'x.x.x.x' is known and matches the RSA host key.
debug1: Found key in ~/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering public key: ~/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Offering public key: ~/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Offering public key: ~/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Offering public key: ~/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Offering public key: ~/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Offering public key: ~/.ssh/id_rsa
Received disconnect from x.x.x.x: 2: Too many authentication failures for xxxxxx


Please help me how to resolve it
Sorry for my English

Thank you
 
Old 06-06-2012, 03:29 AM   #2
evo2
Guru
 
Registered: Jan 2009
Location: Japan
Distribution: Debian, SL
Posts: 5,305

Rep: Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141
Hi,

It's a little difficult to follow how you are trying to copy your public key to the remote host. Is there any reason you are not using ssh-copy-id to do this for you?

If it still does not work, are you able to read the /var/log/auth.log on the remote machine? If so you should be able to get more information about what is happening.

Evo2.
 
Old 06-06-2012, 03:55 AM   #3
mahesh manakawad
LQ Newbie
 
Registered: May 2012
Posts: 11

Original Poster
Rep: Reputation: Disabled
Hi evo2,

Thanks for quick reply

As you told to search /var/log/auth.log, I got following error

Jun 6 14:00:50 ilantian-Desktop sshd[32302]: last message repeated 5 times
Jun 6 14:00:50 ilantian-Desktop sshd[32345]: Authentication refused: bad owners hip or modes for directory /home/ilantian
Jun 6 14:02:12 ilantian-Desktop sshd[32345]: last message repeated 5 times
Jun 6 14:03:37 ilantian-Desktop sshd[32446]: Accepted password for ilantian fro m 192.168.6.47 port 47279 ssh2
Jun 6 14:03:37 ilantian-Desktop sshd[32446]: pam_unix(sshd:session): session op ened for user ilantian by (uid=0)

can you please help me to solve it
Thank you once again
 
Old 06-06-2012, 04:46 AM   #4
evo2
Guru
 
Registered: Jan 2009
Location: Japan
Distribution: Debian, SL
Posts: 5,305

Rep: Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141
Hi,

this looks like it could be the problem.
Code:
Jun 6 14:00:50 ilantian-Desktop sshd[32345]: Authentication refused: bad owners hip or modes for directory /home/ilantian
What is the directory permissions?
Code:
ls -ld /home/ilantian
You should probably also check the permissions in your ~/.ssh

Evo2.
 
Old 06-06-2012, 04:52 AM   #5
mahesh manakawad
LQ Newbie
 
Registered: May 2012
Posts: 11

Original Poster
Rep: Reputation: Disabled
Permission for .ssh is 700 and for authorized_keys is 644

And more thing I found is that, for other user I followed same procedure there it is working perfectly
and that user has admin privileges,
I don't know why it is not working for this user
 
Old 06-06-2012, 05:14 AM   #6
evo2
Guru
 
Registered: Jan 2009
Location: Japan
Distribution: Debian, SL
Posts: 5,305

Rep: Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141
Hi,

the error in the log was about permissions and/or ownership of /home/ilantian. What is the output of:
Code:
ls -ld /home/ilantian
Evo2.
 
Old 06-06-2012, 05:17 AM   #7
mahesh manakawad
LQ Newbie
 
Registered: May 2012
Posts: 11

Original Poster
Rep: Reputation: Disabled
Hi evo2,
This output from

ls -ld /home/ilantian command

drwxr-xr-x 32 ilantian ilantian 4096 2012-06-06 15:15 /home/ilantian
 
Old 06-06-2012, 05:35 AM   #8
evo2
Guru
 
Registered: Jan 2009
Location: Japan
Distribution: Debian, SL
Posts: 5,305

Rep: Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141
Hi,

hmm this is strange. I would have put money on /home/ilantian being all or group writeable. Can you confirm that the
"ls -ld /home/ilantian" output you posted is really on the remote host, not the local host?

Evo2.
 
Old 06-06-2012, 05:40 AM   #9
mahesh manakawad
LQ Newbie
 
Registered: May 2012
Posts: 11

Original Poster
Rep: Reputation: Disabled
Output from remote machine for

ls -ld /home/ilantian


drwxrwxrwx 22 ilantian ilantian 4096 2012-06-06 15:04 /home/ilantian
 
Old 06-06-2012, 05:47 AM   #10
evo2
Guru
 
Registered: Jan 2009
Location: Japan
Distribution: Debian, SL
Posts: 5,305

Rep: Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141
Quote:
Originally Posted by mahesh manakawad View Post
Output from remote machine for

ls -ld /home/ilantian


drwxrwxrwx 22 ilantian ilantian 4096 2012-06-06 15:04 /home/ilantian
Ick. Well there is your problem: just as sshd logged to auth.log. It is both all and group writeable.
Code:
chmod ag-w /home/ilantian
Should do the trick.

Evo2.
 
Old 06-06-2012, 05:57 AM   #11
mahesh manakawad
LQ Newbie
 
Registered: May 2012
Posts: 11

Original Poster
Rep: Reputation: Disabled
Hurry

Thank you evo2 thats working fine and one more problem I'm facing is,

I created a java application which will run linux command to login and when want to change other user password it is giving error,

"sudo: no tty present and no askpass program specified[sudo] password for ilantian"

Can you figure it out what is the problem
Thank you
 
Old 06-06-2012, 06:05 AM   #12
evo2
Guru
 
Registered: Jan 2009
Location: Japan
Distribution: Debian, SL
Posts: 5,305

Rep: Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141Reputation: 1141
Hi,

glad you fixed your ssh problem.

Regarding your other problem: sudo needs a password but there is no tty (eg terminal) for one to be entered in, so gives that error. It gives a huge hint "no askpass program specified". If you check the sudo man page you will see that you can either give it a -A option with the path to something like ssh-askpass, or you can set it in a /etc/sudo.conf config file.

Cheers,

Evo2.
 
Old 06-06-2012, 06:59 AM   #13
mahesh manakawad
LQ Newbie
 
Registered: May 2012
Posts: 11

Original Poster
Rep: Reputation: Disabled
Smile

Thank you evo2

Once again for your usefull support
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] ssh-keygen for auto ssh login not working R00ts Linux - Software 26 09-23-2012 01:40 PM
[SOLVED] ssh-keygen amitk.gupta09 Linux - Server 3 09-20-2011 02:08 AM
SSH not working after ssh-keygen due to lack of entropy grob115 Linux - Security 8 08-28-2010 11:33 AM
ssh-agent, ssh-add and ssh-keygen AND CVS raylpc Linux - General 2 11-19-2008 02:50 AM
How to ssh-keygen? Baran Linux - Networking 5 04-26-2005 02:40 PM


All times are GMT -5. The time now is 03:25 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration