X-Recipient: archive-cygwin AT delorie DOT com X-SWARE-Spam-Status: No, hits=0.2 required=5.0 tests=AWL,BAYES_00,RP_MATCHES_RCVD,TW_RW X-Spam-Check-By: sourceware.org From: Clayton Evans To: "cygwin AT cygwin DOT com" Date: Fri, 14 Oct 2011 12:07:08 -0500 Subject: RE: openssh authentification Message-ID: References: In-Reply-To: Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 X-IsSubscribed: yes Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id p9EH7e5M011658 > > debug1: Next authentication method: publickey > > debug1: Offering RSA public key: /home/cevans/.ssh/id_rsa > > debug3: send_pubkey_test > > debug2: we sent a publickey packet, wait for reply > > debug1: Authentications that can continue: > > publickey,password,keyboard-interactive > > debug1: Offering DSA public key: /home/cevans/.ssh/id_dsa > > debug3: send_pubkey_test > > debug2: we sent a publickey packet, wait for reply > > debug1: Authentications that can continue: > > publickey,password,keyboard-interactive > > debug1: Offering ECDSA public key: /home/cevans/.ssh/id_ecdsa > > debug3: send_pubkey_test > > debug2: we sent a publickey packet, wait for reply > > debug1: Authentications that can continue: > > publickey,password,keyboard-interactive > > debug2: we did not send a packet, disable method > > So all three of those keys were offered, but none were accepted. Are the public keys for those in your ~/.ssh/authorized_keys file on the > server? > > Do you by chance have any "from" restrictions on the keys in authorized_keys? For example, > > from="localhost" ssh-rsa AAAAB3NzaC1yc... > > That could cause the server to reject the keys. > > > debug1: Next authentication method: password cevans AT jti031's password: > > debug3: packet_send2: adding 64 (len 59 padlen 5 extra_pad 64) > > debug2: we sent a password packet, wait for reply > > debug1: Authentications that can continue: > > publickey,password,keyboard-interactive > > Permission denied, please try again. > > Not sure what would cause that. > > I copied the .ssh/authorized_keys file from the client to the host before the ssh -vvv jti031 was done. I have not intentionally added any "from" restrictions on the keys. From your question I infer that this would be in the authorized_keys file. The lines in the authorized_keys file begin with ssh-rsa ..., ssh-dss ..., ecdsa-sha2-nistp256 .... The lines all end with a white space and @, where and have my user id and client machine name, jti023. Permissions in .ssh on the client are: $ ls -l total 19 -rw-r--r-- 1 cevans Administrators 1816 Oct 13 15:24 authorized_keys -rw------- 1 cevans Administrators 668 Oct 13 15:24 id_dsa -rw-r--r-- 1 cevans Administrators 603 Oct 13 15:24 id_dsa.pub -rw------- 1 cevans Administrators 227 Oct 13 15:24 id_ecdsa -rw-r--r-- 1 cevans Administrators 175 Oct 13 15:24 id_ecdsa.pub -rw------- 1 cevans Administrators 1679 Oct 13 15:24 id_rsa -rw-r--r-- 1 cevans Administrators 395 Oct 13 15:24 id_rsa.pub -rw------- 1 cevans Administrators 978 Oct 13 15:24 identity -rw-r--r-- 1 cevans Administrators 643 Oct 13 15:24 identity.pub -rw-r--r-- 1 cevans Administrators 182 Oct 13 15:43 known_hosts $ ls -ld .ssh drwx------+ 1 cevans Administrators 0 Oct 14 09:23 .ssh Permissions on the host are: -rw-------+ 1 CEvans Administrators 1679 Oct 3 15:13 id_rsa -rw-r--r--+ 1 CEvans Administrators 395 Oct 3 15:13 id_rsa.pub -rw-r--r--+ 1 CEvans Administrators 603 Oct 3 15:13 id_dsa.pub -rw-------+ 1 CEvans Administrators 668 Oct 3 15:13 id_dsa -rw-r--r--+ 1 CEvans Administrators 175 Oct 3 15:14 id_ecdsa.pub -rw-------+ 1 CEvans Administrators 227 Oct 3 15:14 id_ecdsa -rw-------+ 1 CEvans Administrators 978 Oct 3 15:14 identity -rw-r--r--+ 1 CEvans Administrators 643 Oct 3 15:14 identity.pub -rw-r--r--+ 1 CEvans Administrators 48 Oct 4 16:36 authorization -rw-------+ 1 CEvans Administrators 1816 Oct 13 15:24 authorized_keys drwxr-xr-x+ 1 CEvans Administrators 0 Oct 14 09:46 /cygdrive/d/home/cevans/.ssh Clayton Evans -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple