SSH authentication via public keys on RH 9.0

Status
Not open for further replies.

asanchez4

Programmer
Apr 22, 2004
32
US
Has anyone been able to get SSH authentication via public key on RedHat 9.0?

I have the standard RH 9.0 installation.

I used SSH client version 3.2.9 from a Windows machine. I created the keys, uploaded the public key to the server, and then tried to connect via public keys.

I've verified that the public key files exist in the ~/.ssh/ directory and that the sshd_config file is configured properly.

Each time that I try to connect, I get the error message "Server responded No further authentication methods available"

I have googled the error messages but have had no success on fixing the problem. Has anyone been able to get this to work?

thanks
 
On the Linux machine you have to add the public key(s) to a file called "authorized_keys". The easiest way to do that is to run the command "cat *.pub >> /path/to/authorized_keys". Then the key is to make sure that you change the permission of authorized_keys to RW for owner only! Without that it will not be read. Run "chmod 600 authorized_keys", then the next time you try to connect it should work!

Let me know if you need more info.

Burke
 
I tried the authorized_keys method but still no success. Where does the authorized_keys file go?

This is exactly what I did.
I went to the /home/jed/.ssh2 directory and there was a file called "authorization" with an entry that pointed to a .pub file named jed_key.pub

From the .ssh2 directory I entered
"cat *.pub > authorized_keys"
"chmod 600 authorized_keys"

Then I restarted the ssh service.

When I try to reconnect using "public key" from the sshd client, I get the same error message.

Thanks again.
 
Try running the ssh client with a '-v' to add verbosity to error messages. May point out something you aren't seeing otherwise.

Also, check permissions on the ~/.ssh directory (I _think_ they need to be 700). If the directory is world-readable or writeable, ssh will refuse to use it for security reasons (will be made apparent with '-v' option).

I had a similar problem some years ago, and pulled my hair out for a while before finding and fixing the problem. Have never forgotten that hard-learned lesson ;-)

----
JBR
 
Thanks for the reply. I turned on verbose logging and get the following. Any ideas why it says that "Ssh2AuthPubKeyClient: Agent is not running."?

Also, any idea why it fails parsing the key file? I generated the key file using SSH client. The key file exists.

thanks again



C:\Documents and Settings\Jed>ssh2 192.168.0.105 -l jed -i UserKeys/key.pub -v
debug: Connecting to 192.168.0.105, port 22... (SOCKS not used)
debug: Ssh2Transport: My version: SSH-1.99-3.2.9 SSH Secure Shell Windows Client

debug: client supports 2 auth methods: 'publickey,password'
debug: Ssh2Common: local ip = 192.168.0.100, local port = 1334
debug: Ssh2Common: remote ip = 192.168.0.105, remote port = 22
debug: SshConnection: Wrapping...
debug: Remote version: SSH-1.99-OpenSSH_3.5p1
debug: OpenSSH: Major: 3 Minor: 5 Revision: 0
debug: Ssh2Transport: All versions of OpenSSH handle kex guesses incorrectly.
debug: Ssh2Transport: lang s to c: `', lang c to s: `'
debug: Ssh2Transport: c_to_s: cipher aes128-cbc, mac hmac-sha1, compression none

debug: Ssh2Transport: s_to_c: cipher aes128-cbc, mac hmac-sha1, compression none

debug: Remote host key found from database.
debug: Ssh2Common: Received SSH_CROSS_STARTUP packet from connection protocol.
debug: Ssh2Common: Received SSH_CROSS_ALGORITHMS packet from connection protocol
.
debug: server offers auth methods 'publickey,password,keyboard-interactive'.
debug: Ssh2AuthPubKeyClient: Starting pubkey auth...
debug: Ssh2AuthPubKeyClient: Agent is not running.
debug: Ssh2AuthPubKeyClient: Got 0 keys from the agent.
warning: C:/Documents and Settings/Jed/Application Data/SSH/UserKeys/key.pub: 3:
parsing line failed.
warning: C:/Documents and Settings/Jed/Application Data/SSH/UserKeys/key.pub: 4:
parsing line failed.
warning: C:/Documents and Settings/Jed/Application Data/SSH/UserKeys/key.pub: 5:
parsing line failed.
warning: C:/Documents and Settings/Jed/Application Data/SSH/UserKeys/key.pub: 6:
parsing line failed.
warning: C:/Documents and Settings/Jed/Application Data/SSH/UserKeys/key.pub: 7:
parsing line failed.
warning: C:/Documents and Settings/Jed/Application Data/SSH/UserKeys/key.pub: 8:
parsing line failed.
warning: C:/Documents and Settings/Jed/Application Data/SSH/UserKeys/key.pub: 9:
parsing line failed.
warning: C:/Documents and Settings/Jed/Application Data/SSH/UserKeys/key.pub: 10
: parsing line failed.
warning: C:/Documents and Settings/Jed/Application Data/SSH/UserKeys/key.pub: 11
: parsing line failed.
warning: C:/Documents and Settings/Jed/Application Data/SSH/UserKeys/key.pub: 12
: parsing line failed.
warning: C:/Documents and Settings/Jed/Application Data/SSH/UserKeys/key.pub: 13
: parsing line failed.
warning: C:/Documents and Settings/Jed/Application Data/SSH/UserKeys/key.pub: 14
: parsing line failed.
warning: C:/Documents and Settings/Jed/Application Data/SSH/UserKeys/key.pub: 15
: parsing line failed.
warning: C:/Documents and Settings/Jed/Application Data/SSH/UserKeys/key.pub: 16
: parsing line failed.
warning: C:/Documents and Settings/Jed/Application Data/SSH/UserKeys/key.pub: 17
: parsing line failed.
warning: C:/Documents and Settings/Jed/Application Data/SSH/UserKeys/key.pub: 18
: parsing line failed.
debug: Ssh2AuthPubKeyClient: Trying 0 key candidates.
debug: Ssh2AuthPubKeyClient: All keys declined by server, disabling method.
debug: Ssh2AuthClient: Method 'publickey' disabled.
debug: server offers auth methods 'publickey,password,keyboard-interactive'.
debug: Ssh2AuthPasswdClient: Starting password auth...
jed's password:
 
You generated these keys on a Windows box, sent them to a *nix box via ftp or something? Not sure where the breakage occurs, but I bet the problem is the key files have DOS line endings instead of *nix ones. On the *nix/server box, try running your key file through 'dos2unix'.

----
JBR
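
The checks suggested in the replies so far (authorized_keys mode 600, directory mode 700, DOS line endings), collected into one script as an added example that is not part of any post. It goes beyond the thread by also flagging the multi-line SSH2 public key block that ssh.com clients export, which OpenSSH's authorized_keys does not parse. The finding labels and the sample key are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit DIR/authorized_keys for the problems raised in this thread.

perm_of() {   # octal mode: GNU stat first, BSD stat as fallback
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Print one finding per line; print nothing when every check passes.
check_authkeys() {
    dir=$1
    file=$dir/authorized_keys
    [ -d "$dir" ] || { echo "no-dir"; return 0; }
    mode=$(perm_of "$dir")
    [ "$mode" = 700 ] || echo "dir-mode-$mode"       # thread advice: 700
    [ -f "$file" ] || { echo "no-file"; return 0; }
    mode=$(perm_of "$file")
    [ "$mode" = 600 ] || echo "file-mode-$mode"      # thread advice: 600
    cr=$(printf '\r')
    if grep -q "$cr" "$file"; then echo "crlf"; fi   # DOS line endings
    # OpenSSH expects one "type base64 [comment]" line per key; a multi-line
    # SSH2 block must be converted first, e.g. ssh-keygen -i -f key.pub
    if grep -q '^---- BEGIN SSH2 PUBLIC KEY ----' "$file"; then
        echo "ssh2-format"
    fi
    return 0
}

# Constructed sample: SSH2-format block, CRLF endings, loose modes.
demo() {
    tmp=$(mktemp -d) || return 1
    mkdir "$tmp/.ssh" && chmod 755 "$tmp/.ssh"
    printf '%s\r\n' '---- BEGIN SSH2 PUBLIC KEY ----' \
        'Comment: "constructed sample, not a real key"' \
        'AAAAB3NzaC1kc3MAAACBAPLACEHOLDER' \
        '---- END SSH2 PUBLIC KEY ----' > "$tmp/.ssh/authorized_keys"
    chmod 644 "$tmp/.ssh/authorized_keys"
    check_authkeys "$tmp/.ssh" | paste -sd, -
    rm -rf "$tmp"
}

demo   # dir-mode-755,file-mode-644,crlf,ssh2-format
```

On a real server, run `check_authkeys "$HOME/.ssh"` as the account that is failing to log in; empty output means none of these conditions was found.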
 
I tried the dos2unix method -- no luck. Any other suggestions out there?

thanks
 
I had exactly the same problem (only difference: I had Debian Linux as server)... I tried everything, including editing the public key to remove line breaks; nothing worked. Do you have some other suggestion? Many thanks
 
I ended up using ssh instead of ssh2 and had no problems.

 
Thanks for the answer. Are you talking about the server side or the client side? I do not know how to force the SSH client to use protocol version 1 instead of 2 (I have the non-commercial version of SSH 3.2.9). On the server side, I think that I should change the parameter "Protocol" in the sshd_config file, but this is possible only if you have root permission...
Thanks again
 
I didn't make any changes on the server side -- it is the default setup on Redhat 9.0.

I just use the ssh protocol from the commandline. I primarily use sftp from the commandline. These two clients are from Cygwin.

I use this for automated secure ftp.
 