X-Recipient: archive-cygwin AT delorie DOT com
X-SWARE-Spam-Status: No, hits=-2.1 required=5.0	tests=AWL,BAYES_00,RP_MATCHES_RCVD,SPF_HELO_PASS
X-Spam-Check-By: sourceware.org
To: cygwin AT cygwin DOT com
From: Andrew Schulman <schulman DOT andrew AT epamail DOT epa DOT gov>
Subject: Re: openssh authentification
Date: Fri, 14 Oct 2011 13:20:08 -0400
Lines: 44
Message-ID: <ferg9799a79cbj4q6djuote32bqup8rmo1@4ax.com>
References: <C1D4084E4F215A4F890E70E3675DF633491EC860BE AT JTISBS8 DOT joshitech DOT local> <jifg97lcabu2le035n29f2mr1dk0pchod5 AT 4ax DOT com> <C1D4084E4F215A4F890E70E3675DF633491EC860C4 AT JTISBS8 DOT joshitech DOT local>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Archive: encrypt
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

> > > debug1: Next authentication method: publickey
> > > debug1: Offering RSA public key: /home/cevans/.ssh/id_rsa
> > > debug3: send_pubkey_test
> > > debug2: we sent a publickey packet, wait for reply
> > > debug1: Authentications that can continue: 
> > > publickey,password,keyboard-interactive
> > > debug1: Offering DSA public key: /home/cevans/.ssh/id_dsa
> > > debug3: send_pubkey_test
> > > debug2: we sent a publickey packet, wait for reply
> > > debug1: Authentications that can continue: 
> > > publickey,password,keyboard-interactive
> > > debug1: Offering ECDSA public key: /home/cevans/.ssh/id_ecdsa
> > > debug3: send_pubkey_test
> > > debug2: we sent a publickey packet, wait for reply
> > > debug1: Authentications that can continue: 
> > > publickey,password,keyboard-interactive
> > > debug2: we did not send a packet, disable method
> >
> > So all three of those keys were offered, but none were accepted.  Are the public keys for those in your ~/.ssh/authorized_keys file on the > server?
> 
> I copied the .ssh/authorized_keys file from the client to the host before the ssh -vvv jti031 was done.

OK, but that's not exactly what I asked.  The question is, is one of those
public keys (/home/cevans/.ssh/id_rsa.pub, /home/cevans/.ssh/id_dsa.pub, or
/home/cevans/.ssh/id_ecdsa.pub from the client) in ~/.ssh/authorized_keys
on the server?

> > Do you by chance have any "from" restrictions on the keys in authorized_keys?  For example,
> >
> > from="localhost" ssh-rsa AAAAB3NzaC1yc...
> >
> > That could cause the server to reject the keys.
> 
> I have not intentionally added any "from" restrictions on the keys.  From
> your question I infer that this would be in the authorized_keys file.

Correct, see AUTHORIZED_KEYS FILE FORMAT in sshd(8).

> The lines in the authorized_keys file begin with ssh-rsa ..., ssh-dss ..., 
> ecdsa-sha2-nistp256 ....  The lines all end with a white space and 
> <userid>@<clientname>, where <userid> and <clientname> have my user id and 
> client machine name, jti023.

OK, so the answer to that is no.


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple