LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 02-17-2005, 03:49 PM   #1
Temujin_12
Member
 
Registered: Sep 2003
Location: Washington
Distribution: Kubuntu Dapper
Posts: 99

Rep: Reputation: 15
SSH Public Keys Problems


I have having SSH issues when trying to do public key authentication. It works just fine on server A. But on server B (which has the same configuration) it does not work. That tells me two things. 1- it is likely not a configuration on the client-side computer. 2- it is likely not a 'ssh*_config' file problem since both 'Server A' and 'Server B' have the exact same 'ssh*_config' files.

I have followed the instructions at the following sites but to no avail:
http://cfm.gs.washington.edu/securit...client-pkauth/
http://hacks.oreilly.com/pub/h/66

Here are the details:

Server A:
SSH Version: OpenSSH_3.8.1p1, OpenSSL 0.9.7d 17 Mar 2004
OS: FreeBSD 4.7-RELEASE-p27 (VKERN) #33
Permission of '.ssh' dir: "drwx------ 2 root wheel 512 Feb 17 12:19 .ssh"
Permission of 'authorized_keys': "-rw------- 1 root wheel 223 Feb 17 12:19 authorized_hosts"

Server B:
SSH Version: OpenSSH_3.8.1p1, OpenSSL 0.9.7d 17 Mar 2004
OS: FreeBSD 4.7-RELEASE-p27 (VKERN) #33
Permission of '.ssh' dir: "drwx------ 2 root wheel 512 Feb 17 12:17 .ssh"
Permission of 'authorized_keys': "-rw------- 1 root wheel 562 Feb 17 12:17 authorized_keys"

What I've tried:

I followed the instructions on both of those sites several times.
I've tried using the '-1' flag which results in:
Quote:
debug1: RSA authentication using agent refused.
debug1: Trying RSA authentication with key '/home/cjones/.ssh/identity'
debug1: Server refused our key.
I've tried using the '-2' flag which results in:
Quote:
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering public key: /home/username/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Offering public key: /home/username/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Offering public key: /home/username/.ssh/id_dsa
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: password
I've tried using ssh-keygen -t rsa, ssh-keygen -t rsa1, and ssh-keygen -t dsa when generating the keys
I've tried clearing my "known_hosts" file on the client-machine.

I may have tried other things but at this point I am loosing track of what I have tried and not tried.

If anyone can help that would be greatly appreciated.
 
Old 02-17-2005, 04:15 PM   #2
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 79
Re: SSH Public Keys Problems

Notice anything odd about this line?
Quote:
Originally posted by Temujin_12

Permission of 'authorized_keys': "-rw------- 1 root wheel 223 Feb 17 12:19 authorized_hosts"
authorized_keys is not the same as authorized_hosts - try:
mv ~/.ssh/authorized_hosts ~/.ssh/authorized_keys

I've also got an LA on LQ about public keys if you are interested.
 
Old 02-17-2005, 04:31 PM   #3
Temujin_12
Member
 
Registered: Sep 2003
Location: Washington
Distribution: Kubuntu Dapper
Posts: 99

Original Poster
Rep: Reputation: 15
Oh sorry, I must have pasted it in wrong. It is supposed to say "authorized_keys".

Any other ideas.

Last edited by Temujin_12; 02-17-2005 at 05:10 PM.
 
Old 02-18-2005, 10:14 AM   #4
TruckStuff
Member
 
Registered: Apr 2002
Posts: 498

Rep: Reputation: 30
Tail the security log to see if you can get more info about what is happening. On a default Redhat box it would be tail /var/log/secure; not sure what it is on BSD though.
 
Old 02-23-2005, 01:43 PM   #5
Temujin_12
Member
 
Registered: Sep 2003
Location: Washington
Distribution: Kubuntu Dapper
Posts: 99

Original Poster
Rep: Reputation: 15
It turned out to be a permission problem. After I ran "chmod 600 authorized_keys" things worked. But if I then came back and ran "cat identity.pub >> authorized_keys" it would change the permissions and I could no longer ssh w/o a password. I had to go back and re-run "chmod 600 authorized_keys" everytime I appended a key to the "authorized_keys" file.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
SSH public keys not working - RH 7.3 menator Linux - Newbie 7 11-03-2005 04:55 AM
ssh public/private keys lord_darkhelmet Linux - Newbie 8 10-29-2005 04:14 PM
SSH public / private keys problem guideweb Linux - Software 7 08-27-2005 10:49 PM
How to delete public & private keys for SSH? TrulyTessa Linux - Security 2 11-18-2004 01:27 PM
Help with SSH and public/private keys stodge Linux - Security 5 05-14-2003 02:22 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 11:30 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration