SSH server runs OpenSSH 3.5 on Solaris 8
SSH nclient runs OpenSSH 4.2 on HP-UX 11.23

Even after I put the public key of the client in $HOME/.ssh/
authorized_keys in the server and made sure the permissions where 700
or less, I still get asked for the password. DNS doesn't seem to be an
issue. Why is this happening?


# ssh -v -v -v bava

debug1: Host 'bava' is known and matches the DSA host key.
debug1: Found key in /home/user1/.ssh/known_hosts:1
debug2: bits set: 506/1024
debug1: ssh_dss_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/user1/.ssh/id_rsa (00000000)
debug2: key: /home/user1/.ssh/id_dsa (4004e8e0)
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/user1/.ssh/id_rsa
debug3: no such identity: /home/user1/.ssh/id_rsa
debug1: Offering public key: /home/user1/.ssh/id_dsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug2: we did not send a packet, disable method
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
user1@bava's password:

http://www.snailbook.com/faq/publick...auth.auto.html

--
Richard Silverman
res@qoxp.net

The /var/log/auth file on SSH server (Solaris 8)

What does it mean, "Failed publickey"


Jul 19 10:34:20 bava sshd[22662]: [ID 800047 auth.info] Connection
from xxx.xxx.xxx.xxx port 61587
Jul 19 10:34:20 bava sshd[22662]: [ID 800047 auth.info] Enabling
compatibility mode for protocol 2.0
Jul 19 10:34:20 bava sshd[22662]: [ID 800047 auth.info] WARNING: /usr/
local/etc/primes does not exist, using old prime
Jul 19 10:34:20 bava sshd[22662]: [ID 800047 auth.info] Failed none
for user1 from xxx.xxx.xxx.xxx port 61587 ssh2
Jul 19 10:34:20 bava sshd[22662]: [ID 800047 auth.info] Failed
publickey for user1 from xxx.xxx.xxx.xxx port 61587 ssh2

I figured out what the issue was. Because I am using protocol 2,
the public key needed to go to $HOME/.ssh/authorized_keys2
file, not authorized_keys.

SQ <onestatusquo@yahoo.com> wrote:
> I figured out what the issue was. Because I am using protocol 2,
> the public key needed to go to $HOME/.ssh/authorized_keys2
> file, not authorized_keys.

What version of OpenSSH are you using on the server?

--
Darren Dunham ddunham@taos.com
Senior Technical Consultant TAOS http://www.taos.com/
Got some Dr Pepper? San Francisco, CA bay area
< This line left intentionally blank to confuse you. >

Darren Dunham <ddunham@redwood.taos.com> wrote:
> SQ <onestatusquo@yahoo.com> wrote:
>> I figured out what the issue was. Because I am using protocol 2,
>> the public key needed to go to $HOME/.ssh/authorized_keys2
>> file, not authorized_keys.

> What version of OpenSSH are you using on the server?

Sorry, just found the 3.5 in your earlier post.

From OpenSSH 3.0 forward, you shouldn't need to use 'authorized_keys2'.
All keys (including version 2 keys) should function in the
'authorized_keys' file.

--
Darren Dunham ddunham@taos.com
Senior Technical Consultant TAOS http://www.taos.com/
Got some Dr Pepper? San Francisco, CA bay area
< This line left intentionally blank to confuse you. >