Hi Networkers,

Having some problems with logging into SSH my local desktop with the default 'ssh -v localhost' command. This is after creating both RSA and DSA keys. I must admit, that things have gotten a bit murky over the time I've been trying to get this working on my local machine. Verbose output is as follows:


[QUOTE]lewis@lewis:/etc/ssh$ ssh -v localhost
OpenSSH_5.8p1 Debian-1ubuntu3, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to localhost [::1] port 22.
debug1: Connection established.
debug1: identity file /home/lewis/.ssh/id_rsa type -1
debug1: identity file /home/lewis/.ssh/id_rsa-cert type -1
debug1: identity file /home/lewis/.ssh/id_dsa type -1
debug1: identity file /home/lewis/.ssh/id_dsa-cert type -1
debug1: identity file /home/lewis/.ssh/id_ecdsa type -1
debug1: identity file /home/lewis/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.8p1 Debian-1ubuntu3
debug1: match: OpenSSH_5.8p1 Debian-1ubuntu3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.8p1 Debian-1ubuntu3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: RSA 12:99:d6:26:d3:08:e6:5f:03:1d:bb:de:2b:34:e8:2b
debug1: Host 'localhost' is known and matches the RSA host key.
debug1: Found key in /home/lewis/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
Ubuntu 11.04
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering DSA public key: /home/lewis/.ssh/id_dsa
debug1: Authentications that can continue: publickey
debug1: Offering RSA public key: /home/lewis/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: Trying private key: /home/lewis/.ssh/id_ecdsa
debug1: No more authentication methods to try.
Permission denied (publickey).

So I understand that it is failing due to public key authentication. I am well and truly stumped as the numerous threads and tutorials have confused me more than anything else.
Any suggestions about what I should be copying/editing/adding would be very much appreciated.

Thank you

Hector

Well the usual issue preventing public key authentication when it is otherwise correctly set up, is that the ~/.ssh directory permission and the authorized_keys file permissions are incorrect, and chould be 700 and 600 respectively.

Thank you for your swift reply.

I changed permissions on ~/.ssh folder to 700 however I do not have a authorized_keys file inside the directory. Instead I have a 'known_hosts' file, therefore the directory structure is as follows

lewis@lewis:/etc/ssh$ ls -l ~/.ssh/
total 20
-rw------- 1 lewis root 668 2011-08-28 20:13 id_dsa
-rw-r--r-- 1 lewis root 601 2011-08-28 20:13 id_dsa.pub
-rw------- 1 lewis root 1675 2011-08-28 20:13 id_rsa
-rw-r--r-- 1 lewis root 393 2011-08-28 20:13 id_rsa.pub
-rw-r--r-- 1 lewis root 443 2011-08-28 18:56 known_hosts

So naturally I get:

lewis@lewis:/etc/ssh$ chmod 600 ~/.ssh/authorized_keys
chmod: cannot access `/home/lewis/.ssh/authorized_keys': No such file or directory

The known_hosts file contains an ssh-rsa key value preceded by |1|

Thanks

If you've no authorized_keys file, how many guides did you look at?? That file is on the remote system, containing a copy of the private key.

Why did you generate two keys ? I would think it is causing conflicts. Especially since your issue started after generating both.

I would nuke all the files and start over generating one key. If that does not work I would look at the permissions again.

No, they can't conflict. it tries one then the other.

acid_kewpie thanks for the clarification.