Date: Mon, 02 Feb 2015 23:47:23 +0000 From: Dave <dave@dgmm.net> To: freebsd-questions@freebsd.org Subject: Passwordless ssh, keys not authenticating, asks for password Message-ID: <2158037.0CyDn4nRuB@amd.asgard.uk>
next in thread | raw e-mail | index | archive | help
Hi, I'm trying to set up passwordless ssh login I have it working on all but one client, with no obvious reason why it's not working on this one box. Box1 (ubuntu) uname -a Linux ubuntu 3.2.0-75-generic #110-Ubuntu SMP Tue Dec 16 19:11:28 UTC 2014 i686 i686 i386 GNU/Linux Box2 (testbox - working) uname -a FreeBSD testbox.asgard.uk 9.3-RELEASE-p9 FreeBSD 9.3-RELEASE-p9 #0: Tue Jan 27 10:43:40 UTC 2015 root@amd64- builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64 Box3 (amd - not working) uname -a FreeBSD amd.asgard.uk 9.3-RELEASE-p9 FreeBSD 9.3-RELEASE-p9 #0: Tue Jan 27 10:43:40 UTC 2015 root@amd64- builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64 On Box1 I did ssh-keygen (default answers, no pass phrase) ssh-copy-id dave@testbox ssh-copy-id dave@amd ssh-add Boxes 2 and 3 have identical and default /etc/ssh/ssh_config and the following are identical. ~/.ssh is chmod 700 -rw------- 1 dave dave 797 2 Feb 22:10 authorized_keys -rw-r--r-- 1 dave dave 165 6 Jan 23:27 known_host ssh dave@testbox (Box2 works fine) ssh dave@amd (Box3 fails and asks for the password) Results of ssh -v dave@amd (Box3) OpenSSH_5.9p1 Debian-5ubuntu1.4, OpenSSL 1.0.1 14 Mar 2012 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug1: Connecting to amd [192.168.1.3] port 22. debug1: Connection established. debug1: identity file /home/dave/.ssh/id_rsa type 1 debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048 debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048 debug1: identity file /home/dave/.ssh/id_rsa-cert type -1 debug1: identity file /home/dave/.ssh/id_dsa type -1 debug1: identity file /home/dave/.ssh/id_dsa-cert type -1 debug1: identity file /home/dave/.ssh/id_ecdsa type -1 debug1: identity file /home/dave/.ssh/id_ecdsa-cert type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1_hpn13v11 FreeBSD-20140420 debug1: match: OpenSSH_6.6.1_hpn13v11 FreeBSD-20140420 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.4 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: sending SSH2_MSG_KEX_ECDH_INIT debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: Server host key: ECDSA xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx debug1: Host 'amd' is known and matches the ECDSA host key. debug1: Found key in /home/dave/.ssh/known_hosts:1 debug1: ssh_ecdsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,keyboard-interactive debug1: Next authentication method: publickey debug1: Offering RSA public key: /home/dave/.ssh/id_rsa debug1: Authentications that can continue: publickey,keyboard-interactive debug1: Offering RSA public key: dave@ubuntu debug1: Authentications that can continue: publickey,keyboard-interactive debug1: Trying private key: /home/dave/.ssh/id_dsa debug1: Trying private key: /home/dave/.ssh/id_ecdsa debug1: Next authentication method: keyboard-interactive Password for dave@amd.asgard.uk: Box3 (amd,the problembox) pkg info | grep ssh libssh-0.6.3_1 Library implementing the SSH1 and SSH2 protocol linux-c6-libssh2-1.4.2_1 Library implementing the SSH2 protocol (Linux CentOS 6.6 Box (testbox,a working box) pkg info | grep ssh libssh-0.6.3_1 Library implementing the SSH1 and SSH2 protocol To eliminate the potential difference, pkg info | grep ssh shows no results on a 9.2 box where passwordless ssh works. I also successfully tested with a RaspBMC box. I can only assume there is something different somewhere on Box3 (amd) that I've changed and forgotten about. Is there anything else you need to know to help me?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2158037.0CyDn4nRuB>