Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place! |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
12-07-2009, 12:05 AM
|
#1
|
Member
Registered: Nov 2007
Distribution: debian
Posts: 39
Rep:
|
Debian Etch SSH rsa authentication problem
Hi everyone,
I have this strange problem trying to ssh from a debian etch to a debian lenny ( also to an ubuntu hardy heron ) via rsa public key
I have successfully connected via ssh from lenny to hardy and vice versa.
and using the same method, i have failed to authenticate from etch , with both attempts to lenny / hardy
I have not been able to find a similar situation through googling...
( note : i was able to connect via ssh from the debian etch to lenny via password )
Regards,
|
|
|
12-07-2009, 01:36 AM
|
#2
|
Member
Registered: Jan 2004
Location: Austin, TEXAS
Distribution: CentOS 6.5
Posts: 211
Rep:
|
You're going to need to copy-and-paste the transaction so we can see the error messages, etc.
You really haven't given us any details to work with here.
|
|
|
12-07-2009, 02:41 AM
|
#3
|
Member
Registered: Nov 2007
Distribution: debian
Posts: 39
Original Poster
Rep:
|
yes, you're right sorry, i'll have to fetch it.
i jumped into an assumption that someone else might have a similar experience.
|
|
|
12-15-2009, 01:03 AM
|
#4
|
Member
Registered: Nov 2007
Distribution: debian
Posts: 39
Original Poster
Rep:
|
took a while,
but i did extra tests in the meantime
to outline what i have :
ubuntu hardy heron ssh-server
debian lenny ssh-server
kde etch ssh-server [initially just a client]
the first test i performed was, create an rsa key from debian etch,
and connect via public key to debian lenny, and it failed with this message
Permission denied. (Public Key)
just to make sure that i did try a variant approach, i enabled password
authentication, and connected via login to lenny still from etch,
and it was successful
but on retry with public key (first with rsa, then with dsa) i got the same result
At which point, i tried a diff. approach, which was why i had the ubuntu. I tested rsa / dsa authentication connections between
debian lenny and ubuntu, both ways, and it worked
After that, I installed ssh-server on Etch, added the public keys from
ubuntu and debian, and have found that i was able to connect
via public key authentication to the etch server.
With everything seemingly working fine.
I recreate public keys on Debian Etch and tried to connect
to either Lenny / Hardy Heron, with no success.
( I did also try Etch to Etch, and failed with the same error. )
Alright, i'm very sorry it took quite a while to follow up on this,
but I had to make sure that I wasn't making an obvious error somewhere,
which at this point I'm convinced I truly have not overlooked anything
basic.
With all that said, has anyone out there experienced similar problems
trying to ssh from a Debian Etch?
|
|
|
12-15-2009, 01:15 AM
|
#5
|
LQ Guru
Registered: Jan 2009
Location: Japan
Distribution: Mostly Debian and CentOS
Posts: 6,726
|
There are many things that can cause ssh RSA auth failures, as such googling can present you with many answers that won't apply in any given situation. So, a good start is looking at the ssh debug information.
Read /var/log/auth.log on the server, and run the client in verbose mode (ssh -vvv).
If you can't get the answers from the above, the next thing to try is running sshd in debug mode (sshd -d) on the server, and then ssh to that instance of sshd: this will give much more server side debug info than what you normally get in /var/log/auth.log.
Cheers,
Evo2.
Last edited by evo2; 12-15-2009 at 01:15 AM.
Reason: Typo
|
|
|
12-15-2009, 02:45 AM
|
#6
|
Member
Registered: Nov 2007
Distribution: debian
Posts: 39
Original Poster
Rep:
|
Thanks, I'll try later when I get home.
this should be very useful.
|
|
|
12-16-2009, 02:47 AM
|
#7
|
Member
Registered: Nov 2007
Distribution: debian
Posts: 39
Original Poster
Rep:
|
To evo2, many thanks. I obviously should have consulted the logs in the first place.
Anyway, what happened was the key generated by the Debian Etch i used was already blacklisted.
i did use a r1 and r3 of etch, and it was the r3 that i set up as ssh server.
naturally the r1's generated key was already in blacklist, but i found it weird that
the r3 generated key was also blacklisted in lenny, even in ubuntu hardy heron.
in any case, for simple test purposes on an isolated lan, PermitBlacklistedKeys yes did the trick.
Cheers!
|
|
|
All times are GMT -5. The time now is 11:29 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|