I have having SSH issues when trying to do public key authentication. It works just fine on server A. But on server B (which has the same configuration) it does not work. That tells me two things. 1- it is likely not a configuration on the client-side computer. 2- it is likely not a 'ssh*_config' file problem since both 'Server A' and 'Server B' have the exact same 'ssh*_config' files.
I have followed the instructions at the following sites but to no avail:
http://cfm.gs.washington.edu/securit...client-pkauth/
http://hacks.oreilly.com/pub/h/66
Here are the details:
Server A:
SSH Version: OpenSSH_3.8.1p1, OpenSSL 0.9.7d 17 Mar 2004
OS: FreeBSD 4.7-RELEASE-p27 (VKERN) #33
Permission of '.ssh' dir: "drwx------ 2 root wheel 512 Feb 17 12:19 .ssh"
Permission of 'authorized_keys': "-rw------- 1 root wheel 223 Feb 17 12:19 authorized_hosts"
Server B:
SSH Version: OpenSSH_3.8.1p1, OpenSSL 0.9.7d 17 Mar 2004
OS: FreeBSD 4.7-RELEASE-p27 (VKERN) #33
Permission of '.ssh' dir: "drwx------ 2 root wheel 512 Feb 17 12:17 .ssh"
Permission of 'authorized_keys': "-rw------- 1 root wheel 562 Feb 17 12:17 authorized_keys"
What I've tried:
I followed the instructions on both of those sites several times.
I've tried using the '-1' flag which results in:
Quote:
debug1: RSA authentication using agent refused.
debug1: Trying RSA authentication with key '/home/cjones/.ssh/identity'
debug1: Server refused our key.
|
I've tried using the '-2' flag which results in:
Quote:
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering public key: /home/username/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Offering public key: /home/username/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Offering public key: /home/username/.ssh/id_dsa
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: password
|
I've tried using ssh-keygen -t rsa, ssh-keygen -t rsa1, and ssh-keygen -t dsa when generating the keys
I've tried clearing my "known_hosts" file on the client-machine.
I may have tried other things but at this point I am loosing track of what I have tried and not tried.
If anyone can help that would be greatly appreciated.