X-Recipient: archive-cygwin AT delorie DOT com X-SWARE-Spam-Status: No, hits=-2.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,RCVD_IN_DNSWL_LOW,T_TO_NO_BRKTS_FREEMAIL X-Spam-Check-By: sourceware.org Date: Fri, 14 Oct 2011 22:07:14 +0200 From: David Sastre To: cygwin AT cygwin DOT com Subject: Re: openssh authentification Message-ID: <20111014200714.GA5531@jethro.local.lan> References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="1yeeQ81UyVL57Vl7" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.20 (2009-06-14) X-IsSubscribed: yes Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com --1yeeQ81UyVL57Vl7 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Oct 14, 2011 at 01:43:57PM -0500, Clayton Evans wrote: > > > > > debug1: Next authentication method: publickey > > > > > debug1: Offering RSA public key: /home/cevans/.ssh/id_rsa > > > > > debug3: send_pubkey_test > > > > > debug2: we sent a publickey packet, wait for reply > > > > > debug1: Authentications that can continue:=20 > > > > > publickey,password,keyboard-interactive > > > > > debug1: Offering DSA public key: /home/cevans/.ssh/id_dsa > > > > > debug3: send_pubkey_test > > > > > debug2: we sent a publickey packet, wait for reply > > > > > debug1: Authentications that can continue:=20 > > > > > publickey,password,keyboard-interactive > > > > > debug1: Offering ECDSA public key: /home/cevans/.ssh/id_ecdsa > > > > > debug3: send_pubkey_test > > > > > debug2: we sent a publickey packet, wait for reply > > > > > debug1: Authentications that can continue:=20 > > > > > publickey,password,keyboard-interactive > > > > > debug2: we did not send a packet, disable method > > > > > > > > So all three of those keys were offered, but none were accepted. A= re the public keys for those in your ~/.ssh/authorized_keys file on the > s= erver? > > >=20 > > > I copied the .ssh/authorized_keys file from the client to the host be= fore the ssh -vvv jti031 was done. > > > > OK, but that's not exactly what I asked. The question is, is one of th= ose public keys (/home/cevans/.ssh/id_rsa.pub, /home/cevans/.ssh/id_dsa.pub= , or /home/cevans/.ssh/id_ecdsa.pub from the client) in ~/.ssh/authorized_k= eys on the server? >=20 > No, the id_*.pub files were not copied.=20=20=20 >=20 > I have now copied all three id_*.pub files from the client to the host. = I have rerun 'ssh -vvv jti031' with identical results. (At least diff finds= the results to be identical.) I'd double-check StrictModes and PubkeyAuthentication in sshd_config. Also, there's no need to copy around your pub keys manually, use ssh-copy-id(1) for that. --=20 Huella de clave primaria: AD8F BDC0 5A2C FD5F A179 60E7 F79B AB04 5299 EC56 --1yeeQ81UyVL57Vl7 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iF4EAREIAAYFAk6YlnIACgkQ95urBFKZ7FZMpgD9F4EdPCGUBYv1ZdFlg6T7cMre 67qyr0m3/BYExDlFaV0A/0UxayXa1CN6u5rg6QfUMkPsYtVpLG0LDRMmWHhJXhoz =3gUD -----END PGP SIGNATURE----- --1yeeQ81UyVL57Vl7--