Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com X-MimeOLE: Produced By Microsoft Exchange V6.0.6249.0 content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Subject: Need help with password-less ssh Date: Tue, 18 Nov 2003 15:26:58 -0700 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: From: "Ware, John" To: Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id hAIMREIf012667 Hi, I am not able to successfully configure my systems to allow me to ssh to a remote system without being prompted for a password. I need this to use pcl-cvs in emacs. I have studied what I could find on this and other lists and have tried to follow the instructions. But, alas it no workee and I am appealing to you for help. I'm trying to ssh from win2k to redhat linux. First my environment on wdoze: $ uname -a CYGWIN_NT-5.0 JWARE-PC 1.5.5(0.94/3/2) 2003-09-20 16:31 i686 unknown unknown Cygwin $ ssh -V OpenSSH_3.7.1p2, SSH protocols 1.5/2.0, OpenSSL 0.9.7c 30 Sep 2003 and on linux > uname -a Linux aspen 2.4.7-10 #1 Thu Sep 6 17:27:27 EDT 2001 i686 unknown sshd version OpenSSH_2.9p2 So, what I've done is to generate my keys using ssh-keygen, copied the public key to the server, added the key to the file $HOME/.ssh/authorized_keys and invoke ssh using the -i switch explictly naming the private key file. The trace follows: jware AT JWARE-PC ~/.ssh $ ps PID PPID PGID WINPID TTY UID STIME COMMAND 1408 1 1408 1408 con 13003 13:18:49 /usr/bin/rxvt 1192 1408 1192 1508 0 13003 13:18:49 /usr/bin/bash 1388 1 1388 1388 con 13003 13:38:54 /usr/bin/rxvt I 520 1388 520 480 1 13003 13:38:55 /usr/bin/bash 1328 1192 1328 1456 0 13003 13:39:37 /usr/bin/bash 1580 520 1580 1580 1 13003 13:42:27 /c/apps/gnu/emacs/bin/emacs 1528 1328 1528 1568 0 13003 13:44:17 /usr/bin/ps jware AT JWARE-PC ~/.ssh $ echo $HOME /home/jware jware AT JWARE-PC ~/.ssh $ pwd /home/jware/.ssh jware AT JWARE-PC ~/.ssh $ ls jware AT JWARE-PC ~/.ssh $ ssh-keygen -t rsa -f $HOME/.ssh/id_rsa Generating public/private rsa key pair. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/jware/.ssh/id_rsa. Your public key has been saved in /home/jware/.ssh/id_rsa.pub. The key fingerprint is: jware AT JWARE-PC ~/.ssh $ ls id_rsa id_rsa.pub jware AT JWARE-PC ~/.ssh $ scp id_rsa.pub jware AT aspen:.ssh/id_rsa.pub jware AT aspen's password: id_rsa.pub 100% 224 0.0KB/s 00:00 jware AT JWARE-PC ~/.ssh $ ssh jware AT aspen jware AT aspen's password: Last login: Tue Nov 18 13:45:50 2003 from bldasd-177154.ball.com jware AT aspen:~ > cd .ssh jware AT aspen:~/.ssh > ls id_rsa.pub jware AT aspen:~/.ssh > cat id_rsa.pub > authorized_keys jware AT aspen:~/.ssh > ll total 20 drwx------ 2 jware aspen 4096 Nov 18 13:49 ./ drwxrwxrwx 26 jware aspen 8192 Nov 18 13:28 ../ -rw-rw-r-- 1 jware aspen 224 Nov 18 13:49 authorized_keys -rw-r--r-- 1 jware aspen 224 Nov 18 13:47 id_rsa.pub jware AT aspen:~/.ssh > exit Connection to aspen closed. jware AT JWARE-PC ~/.ssh $ ssh -vvv -i $HOME/.ssh/id_rsa jware AT aspen OpenSSH_3.7.1p2, SSH protocols 1.5/2.0, OpenSSL 0.9.7c 30 Sep 2003 debug2: ssh_connect: needpriv 0 debug1: Connecting to aspen [162.18.176.245] port 22. debug1: Connection established. debug3: Not a RSA1 key file /home/jware/.ssh/id_rsa. debug2: key_type_from_name: unknown key type '-----BEGIN' debug3: key_read: missing keytype debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug2: key_type_from_name: unknown key type '-----END' debug3: key_read: missing keytype debug1: identity file /home/jware/.ssh/id_rsa type 1 debug1: Remote protocol version 1.99, remote software version OpenSSH_2.9p2 debug1: match: OpenSSH_2.9p2 pat OpenSSH_2.*,OpenSSH_3.0*,OpenSSH_3.1* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_3.7.1p2 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc AT lysator DOT liu DOT se,aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc AT lysator DOT liu DOT se,aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 AT openssh DOT com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 AT openssh DOT com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc AT lysator DOT liu DOT se debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc AT lysator DOT liu DOT se debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 AT openssh DOT com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 AT openssh DOT com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_init: found hmac-md5 debug1: kex: server->client aes128-cbc hmac-md5 none debug2: mac_init: found hmac-md5 debug1: kex: client->server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug2: dh_gen_key: priv key bits set: 136/256 debug2: bits set: 1008/2049 debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug3: check_host_in_hostfile: filename /cygdrive/c/.ssh/known_hosts debug3: check_host_in_hostfile: match line 2 debug3: check_host_in_hostfile: filename /cygdrive/c/.ssh/known_hosts debug3: check_host_in_hostfile: match line 2 debug1: Host 'aspen' is known and matches the RSA host key. debug1: Found key in /cygdrive/c/.ssh/known_hosts:2 debug2: bits set: 1048/2049 debug1: ssh_rsa_verify: signature correct debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug2: key: /home/jware/.ssh/id_rsa (0x100f91c0) debug1: Authentications that can continue: publickey,password,keyboard-interactive debug3: start over, passed a different list publickey,password,keyboard-interactive debug3: preferred publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Offering public key: /home/jware/.ssh/id_rsa debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug1: Authentications that can continue: publickey,password,keyboard-interactive debug2: we did not send a packet, disable method debug3: authmethod_lookup keyboard-interactive debug3: remaining preferred: password debug3: authmethod_is_enabled keyboard-interactive debug1: Next authentication method: keyboard-interactive debug2: userauth_kbdint debug2: we sent a keyboard-interactive packet, wait for reply debug1: Authentications that can continue: publickey,password,keyboard-interactive debug3: userauth_kbdint: disable: no info_req_seen debug2: we did not send a packet, disable method debug3: authmethod_lookup password debug3: remaining preferred: debug3: authmethod_is_enabled password debug1: Next authentication method: password jware AT aspen's password: Any help would be greatly appreciated. john ware -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/