Hi everyone,


I have this strange problem trying to ssh from a debian etch to a debian lenny ( also to an ubuntu hardy heron ) via rsa public key

I have successfully connected via ssh from lenny to hardy and vice versa.
and using the same method, i have failed to authenticate from etch , with both attempts to lenny / hardy


I have not been able to find a similar situation through googling...

( note : i was able to connect via ssh from the debian etch to lenny via password )






Regards,

You're going to need to copy-and-paste the transaction so we can see the error messages, etc.

You really haven't given us any details to work with here.

yes, you're right sorry, i'll have to fetch it.

i jumped into an assumption that someone else might have a similar experience.

took a while,

but i did extra tests in the meantime

to outline what i have :
ubuntu hardy heron ssh-server
debian lenny ssh-server
kde etch ssh-server [initially just a client]

the first test i performed was, create an rsa key from debian etch,
and connect via public key to debian lenny, and it failed with this message

Permission denied. (Public Key)

just to make sure that i did try a variant approach, i enabled password
authentication, and connected via login to lenny still from etch,
and it was successful


but on retry with public key (first with rsa, then with dsa) i got the same result



At which point, i tried a diff. approach, which was why i had the ubuntu. I tested rsa / dsa authentication connections between
debian lenny and ubuntu, both ways, and it worked

After that, I installed ssh-server on Etch, added the public keys from
ubuntu and debian, and have found that i was able to connect
via public key authentication to the etch server.


With everything seemingly working fine.
I recreate public keys on Debian Etch and tried to connect
to either Lenny / Hardy Heron, with no success.

( I did also try Etch to Etch, and failed with the same error. )




Alright, i'm very sorry it took quite a while to follow up on this,
but I had to make sure that I wasn't making an obvious error somewhere,
which at this point I'm convinced I truly have not overlooked anything
basic.



With all that said, has anyone out there experienced similar problems
trying to ssh from a Debian Etch?

There are many things that can cause ssh RSA auth failures, as such googling can present you with many answers that won't apply in any given situation. So, a good start is looking at the ssh debug information.

Read /var/log/auth.log on the server, and run the client in verbose mode (ssh -vvv).

If you can't get the answers from the above, the next thing to try is running sshd in debug mode (sshd -d) on the server, and then ssh to that instance of sshd: this will give much more server side debug info than what you normally get in /var/log/auth.log.

Cheers,

Evo2.

Thanks, I'll try later when I get home.

this should be very useful.

To evo2, many thanks. I obviously should have consulted the logs in the first place.

Anyway, what happened was the key generated by the Debian Etch i used was already blacklisted.
i did use a r1 and r3 of etch, and it was the r3 that i set up as ssh server.
naturally the r1's generated key was already in blacklist, but i found it weird that
the r3 generated key was also blacklisted in lenny, even in ubuntu hardy heron.

in any case, for simple test purposes on an isolated lan, PermitBlacklistedKeys yes did the trick.


Cheers!