passwordless SSH issue

jindalarpan · 09-29-2010, 04:19 AM

I am facing issue setting up password less login to to linux machines.

issue is like this, i am having 3 machines, A,B and C.

A windows machine
B linux server
C linux server

I have gerenreted a public and private key combination on A. with the help of puttygen. and added the public key to B in authorized_keys and able to do the password less login.
but issue is when i am doing the same for C i am not able to do password less login.
on C it asks for the password every time i try connect using putty.

Is there anything that need to be checked or changed for making itwork on C.

Thanks for inputs in advance.

acid_kewpie · 09-29-2010, 04:23 AM

well if you're trying to do exactly the same thing to the same boxes, then there has to be some form of inconsistency in what you have done. The most common gotcha is to have the wrong permissions on the ~/.ssh directory on the server, but clearly there are plenty of other places. Can you configure the login from server to server, rather than from the windows box? If you get that working, then that should push you in a more specific direction of investigation.

theboogymaster · 09-29-2010, 04:35 AM

Do you have a password for you key ?

theboogymaster · 09-29-2010, 04:36 AM

And try changing the PasswordAuthentification to NO in the /etc/ssh/sshd_config file

jindalarpan · 09-29-2010, 05:47 AM

Quote:

Originally Posted by theboogymaster

Do you have a password for you key ?

no pass phrase or password for key

jindalarpan · 09-29-2010, 05:55 AM

Quote:

Originally Posted by theboogymaster

And try changing the PasswordAuthentification to NO in the /etc/ssh/sshd_config file

after chanfing it to no it has stoped me from looging to server completelly. giving erroe message as

type 14 (no more serevr auth available):" Server does not supply any autherntication methods by firewal"

acid_kewpie · 09-29-2010, 06:03 AM

OK, so the key auth is clearly failing. can we go back to seeing if the file permissions are right and if you can do it from the other server? You can also enable more verbose logging on the server side to see what it doesn't like abuot the authentication attempt in your /etc/ssh/sshd_config

jindalarpan · 09-29-2010, 06:08 AM

Quote:

Originally Posted by acid_kewpie

well if you're trying to do exactly the same thing to the same boxes, then there has to be some form of inconsistency in what you have done. The most common gotcha is to have the wrong permissions on the ~/.ssh directory on the server, but clearly there are plenty of other places. Can you configure the login from server to server, rather than from the windows box? If you get that working, then that should push you in a more specific direction of investigation.

i have setup password less ssh from B to C and its works.

acid_kewpie · 09-29-2010, 06:10 AM

OK, so it must be something in the client config, unless you have a different ssh key on the server and have not entered the windows one correctly.

jindalarpan · 09-29-2010, 06:19 AM

Quote:

Originally Posted by acid_kewpie

OK, so it must be something in the client config, unless you have a different ssh key on the server and have not entered the windows one correctly.

double checked
i am using same key combinations for both the serviers B and C. Also checked the authorised_key entry on C.

jindalarpan · 09-29-2010, 06:28 AM

Quote:

Originally Posted by jindalarpan

double checked
i am using same key combinations for both the serviers B and C. Also checked the authorised_key entry on C.

I have found out some thign
that
the putty event log for server B is

2010-09-29 16:59:43 Looking up host "x.x.x.y"
2010-09-29 16:59:43 Connecting to x.x.x.y port 22
2010-09-29 16:59:43 Server version: SSH-2.0-OpenSSH_4.3
2010-09-29 16:59:43 We claim version: SSH-2.0-PuTTY_Release_0.60
2010-09-29 16:59:43 Using SSH protocol version 2
2010-09-29 16:59:43 Doing Diffie-Hellman group exchange
2010-09-29 16:59:43 Doing Diffie-Hellman key exchange with hash SHA-1
2010-09-29 16:59:43 Host key fingerprint is:
2010-09-29 16:59:43 ssh-rsa 2048 e5:89:d2:23:e2:33:7d:b9:57:7b:56:1b:3a:2b:5b:22
2010-09-29 16:59:43 Initialised AES-256 SDCTR client->server encryption
2010-09-29 16:59:43 Initialised HMAC-SHA1 client->server MAC algorithm
2010-09-29 16:59:43 Initialised AES-256 SDCTR server->client encryption
2010-09-29 16:59:43 Initialised HMAC-SHA1 server->client MAC algorithm
2010-09-29 16:59:43 Reading private key file "C:\Documents and Settings\admin\Desktop\keys\pvt.ppk"
2010-09-29 16:59:43 Offered public key
2010-09-29 16:59:43 Offer of public key accepted
2010-09-29 16:59:43 Access granted
2010-09-29 16:59:43 Opened channel for session
2010-09-29 16:59:43 Allocated pty (ospeed 38400bps, ispeed 38400bps)
2010-09-29 16:59:43 Started a shell/command

where as for Server C

2010-09-29 17:00:51 Looking up host "x.x.x.x"
2010-09-29 17:00:51 Connecting to x.x.x.x port 22
2010-09-29 17:00:51 Server version: SSH-2.0-OpenSSH_4.6
2010-09-29 17:00:51 We claim version: SSH-2.0-PuTTY_Release_0.60
2010-09-29 17:00:51 Using SSH protocol version 2
2010-09-29 17:00:51 Doing Diffie-Hellman group exchange
2010-09-29 17:00:52 Doing Diffie-Hellman key exchange with hash SHA-256
2010-09-29 17:00:52 Host key fingerprint is:
2010-09-29 17:00:52 ssh-rsa 1024 a2:61:f0:06:f6:4e:10:ac:21:5c:bf:bf:52:34:c0:9a
2010-09-29 17:00:52 Initialised AES-256 SDCTR client->server encryption
2010-09-29 17:00:52 Initialised HMAC-SHA1 client->server MAC algorithm
2010-09-29 17:00:52 Initialised AES-256 SDCTR server->client encryption
2010-09-29 17:00:52 Initialised HMAC-SHA1 server->client MAC algorithm
2010-09-29 17:00:52 Reading private key file "C:\Documents and Settings\admin\Desktop\keys\pvt.ppk"
2010-09-29 17:00:55 Sent password
2010-09-29 17:00:55 Access granted
2010-09-29 17:00:55 Opened channel for session
2010-09-29 17:00:55 Allocated pty (ospeed 38400bps, ispeed 38400bps)
2010-09-29 17:00:55 Started a shell/command

jindalarpan · 10-08-2010, 03:26 PM

Quote:

Originally Posted by jindalarpan

I have found out some thign
that
the putty event log for server B is

2010-09-29 16:59:43 Looking up host "x.x.x.y"
2010-09-29 16:59:43 Connecting to x.x.x.y port 22
2010-09-29 16:59:43 Server version: SSH-2.0-OpenSSH_4.3
2010-09-29 16:59:43 We claim version: SSH-2.0-PuTTY_Release_0.60
2010-09-29 16:59:43 Using SSH protocol version 2
2010-09-29 16:59:43 Doing Diffie-Hellman group exchange
2010-09-29 16:59:43 Doing Diffie-Hellman key exchange with hash SHA-1
2010-09-29 16:59:43 Host key fingerprint is:
2010-09-29 16:59:43 ssh-rsa 2048 e5:89:d2:23:e2:33:7d:b9:57:7b:56:1b:3a:2b:5b:22
2010-09-29 16:59:43 Initialised AES-256 SDCTR client->server encryption
2010-09-29 16:59:43 Initialised HMAC-SHA1 client->server MAC algorithm
2010-09-29 16:59:43 Initialised AES-256 SDCTR server->client encryption
2010-09-29 16:59:43 Initialised HMAC-SHA1 server->client MAC algorithm
2010-09-29 16:59:43 Reading private key file "C:\Documents and Settings\admin\Desktop\keys\pvt.ppk"
2010-09-29 16:59:43 Offered public key
2010-09-29 16:59:43 Offer of public key accepted
2010-09-29 16:59:43 Access granted
2010-09-29 16:59:43 Opened channel for session
2010-09-29 16:59:43 Allocated pty (ospeed 38400bps, ispeed 38400bps)
2010-09-29 16:59:43 Started a shell/command

where as for Server C

2010-09-29 17:00:51 Looking up host "x.x.x.x"
2010-09-29 17:00:51 Connecting to x.x.x.x port 22
2010-09-29 17:00:51 Server version: SSH-2.0-OpenSSH_4.6
2010-09-29 17:00:51 We claim version: SSH-2.0-PuTTY_Release_0.60
2010-09-29 17:00:51 Using SSH protocol version 2
2010-09-29 17:00:51 Doing Diffie-Hellman group exchange
2010-09-29 17:00:52 Doing Diffie-Hellman key exchange with hash SHA-256
2010-09-29 17:00:52 Host key fingerprint is:
2010-09-29 17:00:52 ssh-rsa 1024 a2:61:f0:06:f6:4e:10:ac:21:5c:bf:bf:52:34:c0:9a
2010-09-29 17:00:52 Initialised AES-256 SDCTR client->server encryption
2010-09-29 17:00:52 Initialised HMAC-SHA1 client->server MAC algorithm
2010-09-29 17:00:52 Initialised AES-256 SDCTR server->client encryption
2010-09-29 17:00:52 Initialised HMAC-SHA1 server->client MAC algorithm
2010-09-29 17:00:52 Reading private key file "C:\Documents and Settings\admin\Desktop\keys\pvt.ppk"
2010-09-29 17:00:55 Sent password
2010-09-29 17:00:55 Access granted
2010-09-29 17:00:55 Opened channel for session
2010-09-29 17:00:55 Allocated pty (ospeed 38400bps, ispeed 38400bps)
2010-09-29 17:00:55 Started a shell/command

Hello any one on this ?

acid_kewpie · 10-08-2010, 04:08 PM

Well it's not offering the key there, but that would feel like it doesn't think it is allowed to. Run sshd on the server side in debug mode and post the equivalent logs from there.

eSelix · 10-08-2010, 04:11 PM

Do not quote your whole previous post just only askig if somebody read it. Possibly we are busy thinking of your problem.

bharathvn · 10-09-2010, 11:46 AM

Check the folder and file permission for authorised_key and its parent folder.ssh set to its ownner i.e user connecting.