LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 11-29-2016, 10:24 AM   #31
c0wb0y
Member
 
Registered: Jan 2012
Location: Inside the oven
Distribution: Windows
Posts: 417

Rep: Reputation: 74

Maybe it's a dumb question and I have no idea how the OpenSSH-clone generate the key-pair.

Did you import the whole authorized_keys file from Windows? dos2unix may help, maybe?
 
Old 11-29-2016, 05:48 PM   #32
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 9,078
Blog Entries: 4

Rep: Reputation: 3181Reputation: 3181Reputation: 3181Reputation: 3181Reputation: 3181Reputation: 3181Reputation: 3181Reputation: 3181Reputation: 3181Reputation: 3181Reputation: 3181
Putty is a reliable SSH suite for Windows. This is not your problem.
 
Old 11-29-2016, 08:47 PM   #33
wpeckham
Senior Member
 
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, Fedora, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, Vsido, tinycore, Q4OS
Posts: 3,421

Rep: Reputation: 1485Reputation: 1485Reputation: 1485Reputation: 1485Reputation: 1485Reputation: 1485Reputation: 1485Reputation: 1485Reputation: 1485Reputation: 1485
PuttyGen generates Putty format keys, but displays a OpenSSH format key in the window so you can cut and paste it into the auth file on the remote server in your putty session.

I have never used this OpenSSH windows package. I have used cygwin and putty, and both work fine.
 
Old 11-30-2016, 04:31 AM   #34
nibraz
Member
 
Registered: Oct 2008
Posts: 219

Original Poster
Rep: Reputation: 18
Tried puttygen 3x still no luck.
Tried OpenSSH for Windows no luck.
Tried Bitvise SSH Client generated keys and tried and no luck.
Copied keys manually and pasted the keys:

Here is the authorized_key file:
Quote:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCKGJR3uxpH92mnfKt7oJzL/QPjk+ecAIfR3Iojo29ksPCy1CWZdZRvTheAt2hoF94bUaQXzYmpOF9+SZvSawPet+Kvc6o+foJoga5/RA89lpfdBxFVTOtieTUhhfziT1IrBR90a7ba4TNXbc7/Vw1BXxWWhVvyh4Ys7Yl0PwQqZS2KCxaRSs+TODwQpj0rfwGbxeMnjVH2H3vMK+PspfqqcL1YlN85ZcW5KBxx9TqMtva/uhU4J8G/qbIDldvAbB8NHD3JI/a2wJzIIxcYgiqqM2Yzm6dhCFKdZJMvW4+Wwf/tT/MazLA0iH7QSaIdVULLS7gtcre6nf0XCKOEnBsz Generated by Myname@LT10536.
the jey in file is all in one line..
 
Old 11-30-2016, 04:41 AM   #35
Turbocapitalist
LQ Guru
 
Registered: Apr 2005
Distribution: Linux Mint, Devuan, OpenBSD
Posts: 5,049
Blog Entries: 3

Rep: Reputation: 2521Reputation: 2521Reputation: 2521Reputation: 2521Reputation: 2521Reputation: 2521Reputation: 2521Reputation: 2521Reputation: 2521Reputation: 2521Reputation: 2521
Quote:
Originally Posted by nibraz View Post
Code:
AuthorizedKeysFile	/home/user1/.ssh/authorized_keys
There might be part of the problem in regards to PuTTY. The file /etc/ssh/sshd_config is for all users. So you are directing "sshd" to look somewhere it probably can't use. Try repairing that line and restarting "sshd":

Code:
AuthorizedKeysFile	%h/.ssh/authorized_keys
Then what was the the output from "sshd" when run as suggested in #21 above?
 
Old 11-30-2016, 08:35 AM   #36
nibraz
Member
 
Registered: Oct 2008
Posts: 219

Original Poster
Rep: Reputation: 18
Quote:
Originally Posted by Turbocapitalist View Post
There might be part of the problem in regards to PuTTY. The file /etc/ssh/sshd_config is for all users. So you are directing "sshd" to look somewhere it probably can't use. Try repairing that line and restarting "sshd":

Code:
AuthorizedKeysFile	%h/.ssh/authorized_keys
Then what was the the output from "sshd" when run as suggested in #21 above?
Hi Turbo

Edited the as above to point to %h/.ssh/authorized_keys

Not sure what you mean in #21 I tried your sudo /usr/sbin/sshd -p 2228 -dd and got the below:
Code:
sudo /usr/sbin/sshd -p 2228 -dd
debug2: load_server_config: filename /etc/ssh/sshd_config
debug2: load_server_config: done config len = 795
debug2: parse_server_config: config /etc/ssh/sshd_config len 795
debug1: sshd version OpenSSH_5.3p1
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-p'
debug1: rexec_argv[2]='2228'
debug1: rexec_argv[3]='-dd'
Set /proc/self/oom_score_adj from 0 to -1000
debug2: fd 3 setting O_NONBLOCK
debug1: Bind to port 2228 on 0.0.0.0.
Server listening on 0.0.0.0 port 2228.
debug2: fd 4 setting O_NONBLOCK
debug1: Bind to port 2228 on ::.
Server listening on :: port 2228.
I then used another client to connect to ssh and i cant connect doesnt work with RSA public key authenication.
 
Old 11-30-2016, 08:38 AM   #37
Turbocapitalist
LQ Guru
 
Registered: Apr 2005
Distribution: Linux Mint, Devuan, OpenBSD
Posts: 5,049
Blog Entries: 3

Rep: Reputation: 2521Reputation: 2521Reputation: 2521Reputation: 2521Reputation: 2521Reputation: 2521Reputation: 2521Reputation: 2521Reputation: 2521Reputation: 2521Reputation: 2521
Ok, it shows that it is listening on port 2228 then. Did you use the other client to connect on port 2228? There should have been something shown in the temporary "sshd" instance you run with -dd.
 
Old 11-30-2016, 08:48 AM   #38
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 9,078
Blog Entries: 4

Rep: Reputation: 3181Reputation: 3181Reputation: 3181Reputation: 3181Reputation: 3181Reputation: 3181Reputation: 3181Reputation: 3181Reputation: 3181Reputation: 3181Reputation: 3181
The authorized_keys file indeed contains one line per key. (And I trust that you will not now use that key,
having posted it on the Internet!)


I suggest that you should probably, at this point, "start over."
Go through your sshd configuration file with a fine-toothed comb, checking each and every option
against its man entry. Be sure that you have it set to accept only public-key and to reject all other
forms of authentication, so that the key actually "means something." Carefully look at the port-number and other settings.

Then, troubleshoot any communications issues: is the traffic, in fact, reaching the server?

Next, carefully check the /home/foobar/.ssh directory: it must have rwx------ permissions
as stated.

Attempt to log in, and immediately check the logs in /var/log (somewhere ...) to see what sshd said.
There may also be a -v ("verbose") option on the client side.

At this moment, I think that you've basically gotten things "all bolluxed up," somehow, and that you're jousting with windmills
trying to find it.
There might well be several things wrong at the same time.

Last edited by sundialsvcs; 11-30-2016 at 08:50 AM.
 
Old 11-30-2016, 09:00 AM   #39
nibraz
Member
 
Registered: Oct 2008
Posts: 219

Original Poster
Rep: Reputation: 18
I recreated the pub rsa keys from GIT and did ssh -v and -vv and -vvv here is the output:
Set chmod 700 to the authorized_keys file which is showing rwx------
Redid the whole authenication keys.

Here is the output:

Quote:
userN@LT10536 MINGW64 ~
$ ssh -v user@mysite.com
OpenSSH_7.3p1, OpenSSL 1.0.2j 26 Sep 2016
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to mysite.com [xx.xx.xxx.xxx] port 22.
debug1: Connection established.
debug1: identity file /c/Users/userN/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/userN/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/userN/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/userN/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/userN/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/userN/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/userN/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/userN/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.3
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000
debug1: Authenticating to mysite.com:22 as 'user'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: diffie-hellman-group-exchange-sha256
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes128-ctr MAC: umac-64@openssh.com compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: umac-64@openssh.com compression: none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(2048<3072<8192) sent
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: ssh-rsa SHA256:fgAzsfHHU3+ujXQEqxGu1/6S+sELr9PG0E1TV8TWR1w
The authenticity of host 'mysite.com (xx.xx.xxx.xxx)' can't be established.
RSA key fingerprint is SHA256:fgAzsfHHU3+ujXQEqxGu1/6S+sELr9PG0E1TV8TWR1w.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'mysite.com,xx.xx.xxx.xxx' (RSA) to the list of known hosts.
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /c/Users/userN/.ssh/id_rsa
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
debug1: Trying private key: /c/Users/userN/.ssh/id_dsa
debug1: Trying private key: /c/Users/userN/.ssh/id_ecdsa
debug1: Trying private key: /c/Users/userN/.ssh/id_ed25519
debug1: No more authentication methods to try.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

userN@LT10536 MINGW64 ~
$ ssh -vv user@mysite.com
OpenSSH_7.3p1, OpenSSL 1.0.2j 26 Sep 2016
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: resolving "mysite.com" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to mysite.com [xx.xx.xxx.xxx] port 22.
debug1: Connection established.
debug1: identity file /c/Users/userN/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/userN/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/userN/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/userN/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/userN/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/userN/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/userN/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/userN/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.3
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to mysite.com:22 as 'user'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: ssh-rsa-cert-v01@openssh.com,rsa-sha...01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128...cm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128...cm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm...28@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm...28@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: host key algorithms: ssh-rsa,ssh-dss
debug2: ciphers ctos: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: ciphers stoc: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: MACs ctos: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: MACs stoc: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: compression ctos: none,zlib@openssh.com
debug2: compression stoc: none,zlib@openssh.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: diffie-hellman-group-exchange-sha256
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes128-ctr MAC: umac-64@openssh.com compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: umac-64@openssh.com compression: none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(2048<3072<8192) sent
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
debug2: bits set: 1530/3072
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: ssh-rsa SHA256:fgAzsfHHU3+ujXQEqxGu1/6S+sELr9PG0E1TV8TWR1w
debug1: Host 'mysite.com' is known and matches the RSA host key.
debug1: Found key in /c/Users/userN/.ssh/known_hosts:1
debug2: bits set: 1576/3072
debug2: set_newkeys: mode 1
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS received
debug2: key: /c/Users/userN/.ssh/id_rsa (0x60006bdb0)
debug2: key: /c/Users/userN/.ssh/id_dsa (0x0)
debug2: key: /c/Users/userN/.ssh/id_ecdsa (0x0)
debug2: key: /c/Users/userN/.ssh/id_ed25519 (0x0)
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /c/Users/userN/.ssh/id_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
debug1: Trying private key: /c/Users/userN/.ssh/id_dsa
debug1: Trying private key: /c/Users/userN/.ssh/id_ecdsa
debug1: Trying private key: /c/Users/userN/.ssh/id_ed25519
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

userN@LT10536 MINGW64 ~
$ ssh -vvv user@mysite.com
OpenSSH_7.3p1, OpenSSL 1.0.2j 26 Sep 2016
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: resolving "mysite.com" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to mysite.com [xx.xx.xxx.xxx] port 22.
debug1: Connection established.
debug1: identity file /c/Users/userN/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/userN/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/userN/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/userN/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/userN/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/userN/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/userN/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/userN/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.3
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to mysite.com:22 as 'user'
debug3: hostkeys_foreach: reading file "/c/Users/userN/.ssh/known_hosts"
debug3: record_hostkey: found key type RSA in file /c/Users/userN/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from mysite.com
debug3: order_hostkeyalgs: prefer hostkeyalgs: ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: ssh-rsa-cert-v01@openssh.com,rsa-sha...01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128...cm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128...cm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm...28@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm...28@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: host key algorithms: ssh-rsa,ssh-dss
debug2: ciphers ctos: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: ciphers stoc: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: MACs ctos: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: MACs stoc: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: compression ctos: none,zlib@openssh.com
debug2: compression stoc: none,zlib@openssh.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: diffie-hellman-group-exchange-sha256
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes128-ctr MAC: umac-64@openssh.com compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: umac-64@openssh.com compression: none
debug3: send packet: type 34
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(2048<3072<8192) sent
debug3: receive packet: type 31
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
debug2: bits set: 1480/3072
debug3: send packet: type 32
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug3: receive packet: type 33
debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: ssh-rsa SHA256:fgAzsfHHU3+ujXQEqxGu1/6S+sELr9PG0E1TV8TWR1w
debug3: hostkeys_foreach: reading file "/c/Users/userN/.ssh/known_hosts"
debug3: record_hostkey: found key type RSA in file /c/Users/userN/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from mysite.com
debug3: hostkeys_foreach: reading file "/c/Users/userN/.ssh/known_hosts"
debug3: record_hostkey: found key type RSA in file /c/Users/userN/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from xx.xx.xxx.xxx
debug1: Host 'mysite.com' is known and matches the RSA host key.
debug1: Found key in /c/Users/userN/.ssh/known_hosts:1
debug2: bits set: 1524/3072
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug2: set_newkeys: mode 0
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS received
debug2: key: /c/Users/userN/.ssh/id_rsa (0x60006bdb0)
debug2: key: /c/Users/userN/.ssh/id_dsa (0x0)
debug2: key: /c/Users/userN/.ssh/id_ecdsa (0x0)
debug2: key: /c/Users/userN/.ssh/id_ed25519 (0x0)
debug3: send packet: type 5
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
debug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /c/Users/userN/.ssh/id_rsa
debug3: send_pubkey_test
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
debug1: Trying private key: /c/Users/userN/.ssh/id_dsa
debug3: no such identity: /c/Users/userN/.ssh/id_dsa: No such file or directory
debug1: Trying private key: /c/Users/userN/.ssh/id_ecdsa
debug3: no such identity: /c/Users/userN/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: /c/Users/userN/.ssh/id_ed25519
debug3: no such identity: /c/Users/userN/.ssh/id_ed25519: No such file or directory
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

userN@LT1

Last edited by nibraz; 11-30-2016 at 09:05 AM.
 
Old 11-30-2016, 09:02 AM   #40
nibraz
Member
 
Registered: Oct 2008
Posts: 219

Original Poster
Rep: Reputation: 18
Quote:
Originally Posted by Turbocapitalist View Post
Ok, it shows that it is listening on port 2228 then. Did you use the other client to connect on port 2228? There should have been something shown in the temporary "sshd" instance you run with -dd.

No I have used port 2228 from client side as its blocked at my work i could try doing this at my home and update you later.

Thanks for helping guys! really appreciate it.
 
Old 11-30-2016, 12:28 PM   #41
c0wb0y
Member
 
Registered: Jan 2012
Location: Inside the oven
Distribution: Windows
Posts: 417

Rep: Reputation: 74
Quote:
userN@LT10536 MINGW64 ~
$ ssh -v user@mysite.com
OpenSSH_7.3p1, OpenSSL 1.0.2j 26 Sep 2016
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to mysite.com [xx.xx.xxx.xxx] port 22.
debug1: Connection established.
debug1: identity file /c/Users/userN/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/userN/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/userN/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/userN/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/userN/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/userN/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/userN/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/userN/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
It seems to me that you're using a custom identity file located at '/c/Users/....'. Are there any custom lines at /etc/ssh/ssh_config? Do you have this at /etc/ssh/sshd_config
Code:
AuthorizedKeysFile .ssh/authorized_keys
 
Old 12-01-2016, 04:01 AM   #42
nibraz
Member
 
Registered: Oct 2008
Posts: 219

Original Poster
Rep: Reputation: 18
Quote:
Originally Posted by c0wb0y View Post
It seems to me that you're using a custom identity file located at '/c/Users/....'. Are there any custom lines at /etc/ssh/ssh_config? Do you have this at /etc/ssh/sshd_config
Code:
AuthorizedKeysFile .ssh/authorized_keys
This is my sshd_config file:

Code:
 #	$OpenBSD: sshd_config,v 1.80 2008/07/02 02:24:18 djm Exp $

# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options change a
# default value.

#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

# Disable legacy (protocol version 1) support in the server for new
# installations. In future the default will change to require explicit
# activation of protocol 1
Protocol 2

# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key

# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 1024

# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
SyslogFacility AUTHPRIV
#LogLevel INFO

# Authentication:
AllowUsers user root
AllowGroups root
#LoginGraceTime 2m
PermitRootLogin no
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10

RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile	%h/.ssh/authorized_keys
#AuthorizedKeysCommand none
#AuthorizedKeysCommandRunAs nobody

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
PasswordAuthentication no

# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
ChallengeResponseAuthentication no

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
#KerberosUseKuserok yes

# GSSAPI options
#GSSAPIAuthentication no
GSSAPIAuthentication yes
#GSSAPICleanupCredentials yes
GSSAPICleanupCredentials yes
#GSSAPIStrictAcceptorCheck yes
#GSSAPIKeyExchange no

# Set this to 'yes' to enable PAM authentication, account processing, 
# and session processing. If this is enabled, PAM authentication will 
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication.  Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
#UsePAM no
UsePAM yes

# Accept locale-related environment variables
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
AcceptEnv XMODIFIERS

#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
X11Forwarding yes
#X11DisplayOffset 10
X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#ShowPatchLevel no
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none

# no default banner path
#Banner none

# override default of no subsystems
Subsystem	sftp	/usr/libexec/openssh/sftp-server

# Example of overriding settings on a per-user basis
#Match User anoncvs
#	X11Forwarding no
#	AllowTcpForwarding no
#	ForceCommand cvs server
I am sure that should be right..
 
1 members found this post helpful.
Old 12-01-2016, 11:17 PM   #43
c0wb0y
Member
 
Registered: Jan 2012
Location: Inside the oven
Distribution: Windows
Posts: 417

Rep: Reputation: 74
You have this on your /etc/ssh/sshd_config:
Quote:
AuthorizedKeysFile %h/.ssh/authorized_keys
How about changing that to this:
Code:
AuthorizedKeysFile	.ssh/authorized_keys
Just a guess, your ssh user's $HOME is probably /c/Users... Can you post this:

Code:
echo $HOME
grep <ssh-user> /etc/passwd
 
1 members found this post helpful.
Old 12-01-2016, 11:25 PM   #44
Turbocapitalist
LQ Guru
 
Registered: Apr 2005
Distribution: Linux Mint, Devuan, OpenBSD
Posts: 5,049
Blog Entries: 3

Rep: Reputation: 2521Reputation: 2521Reputation: 2521Reputation: 2521Reputation: 2521Reputation: 2521Reputation: 2521Reputation: 2521Reputation: 2521Reputation: 2521Reputation: 2521
Quote:
Originally Posted by c0wb0y View Post
How about changing that to this:
Either one will work even in old versions of OpenSSH server, such as 6.6p The %h gets replaced with the user's home directory.
 
Old 12-05-2016, 05:37 AM   #45
nibraz
Member
 
Registered: Oct 2008
Posts: 219

Original Poster
Rep: Reputation: 18
Quote:
Originally Posted by c0wb0y View Post
You have this on your /etc/ssh/sshd_config:


How about changing that to this:
Code:
AuthorizedKeysFile	.ssh/authorized_keys
Just a guess, your ssh user's $HOME is probably /c/Users... Can you post this:

Code:
echo $HOME
grep <ssh-user> /etc/passwd
This is what I got(from server):

Code:
-bash-4.1$ echo $HOME
/
-bash-4.1$ grep user /etc/passwd
user:x:501:501::/:/bin/bash
-bash-4.1$
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] ssh authenication failure screwzm Linux - Networking 5 11-15-2012 08:06 AM
SSH: Permission denied (publickey). clapclash Linux - Networking 6 10-19-2012 06:49 AM
Trying to think of a way to ssh without interactivity and not using the publickey... trist007 Linux - Newbie 3 07-30-2010 08:26 AM
ssh publickey authentication spx2 Linux - Security 11 01-11-2008 05:27 AM
Trouble configuring SSH publickey pioniere Linux - Security 4 02-25-2005 02:20 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 12:26 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration