Date: Thu, 28 Sep 2006 10:36:40 -0400 From: Lowell Gilbert <freebsd-questions-local@be-well.ilk.org> To: Free BSD Questions list <freebsd-questions@freebsd.org> Subject: Re: Replace worksation, now can't ssh to older machine Message-ID: <44wt7o6osn.fsf@be-well.ilk.org> In-Reply-To: <20060927123921.GA6760@teddy.fas.com> (stan's message of "Wed, 27 Sep 2006 08:39:21 -0400") References: <20060927123921.GA6760@teddy.fas.com>
next in thread | previous in thread | raw e-mail | index | archive | help
stan <stanb@panix.com> writes: > My trusty lon suffering FreeBSD workstation at work died (hardware), and I > am in the process of replacig it. > > The current iss I have is that I have several older HP-UX achines that I > need to be able to ssh to. I can't remeber exactly how I set these machines > up (it was years agao), but they seem to have some restrictions as to what > machines can ssh to them. I can't sem to get the new FreeBSD machine to be > accepted by them. The are running: > > OpenSSH_2.5.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090600f > > I added the id_rsa.pub and identity.pub lines to the ~/.ssh/authorized_keys > file on one of the HP-UX machines, but when Itry to conect with verbose > mode urned on, I get: > > ssh -v phse6 > OpenSSH_4.2p1 FreeBSD-20050903, OpenSSL 0.9.7e-p1 25 Oct 2004 > debug1: Reading configuration data /etc/ssh/ssh_config > debug1: Connecting to phse6.meadwestvaco.com [170.85.106.131] port 22. > debug1: Connection established. > debug1: identity file /home/stan/.ssh/identity type 0 > debug1: identity file /home/stan/.ssh/id_rsa type 1 > debug1: identity file /home/stan/.ssh/id_dsa type -1 > debug1: Remote protocol version 1.99, remote software version > OpenSSH_2.5.1p1 > debug1: match: OpenSSH_2.5.1p1 pat OpenSSH_2.5.0p1*,OpenSSH_2.5.1p1* > debug1: Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-2.0-OpenSSH_4.2p1 FreeBSD-20050903 > debug1: SSH2_MSG_KEXINIT sent > debug1: SSH2_MSG_KEXINIT received > debug1: kex: server->client 3des-cbc hmac-md5 none > debug1: kex: client->server 3des-cbc hmac-md5 none > debug1: SSH2_MSG_KEX_DH_GEX_REQUEST_OLD(2048) sent > debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP > debug1: SSH2_MSG_KEX_DH_GEX_INIT sent > debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY > debug1: Host 'phse6.meadwestvaco.com' is known and matches the DSA host > key. > debug1: Found key in /home/stan/.ssh/known_hosts:195 > debug1: ssh_dss_verify: signature correct > debug1: SSH2_MSG_NEWKEYS sent > debug1: expecting SSH2_MSG_NEWKEYS > debug1: SSH2_MSG_NEWKEYS received > debug1: SSH2_MSG_SERVICE_REQUEST sent > debug1: SSH2_MSG_SERVICE_ACCEPT received > debug1: Authentications that can continue: publickey,keyboard-interactive > debug1: Next authentication method: publickey > debug1: Offering public key: /home/stan/.ssh/id_rsa > debug1: Authentications that can continue: publickey,keyboard-interactive > debug1: Trying private key: /home/stan/.ssh/id_dsa > debug1: Next authentication method: keyboard-interactive > debug1: Authentications that can continue: publickey,keyboard-interactive > debug1: No more authentication methods to try. > Permission denied (publickey,keyboard-interactive). > > Any sugestionsas to what to check next? Turn on verbose mode on the servers, and see what they think. They're the ones that are unhappy with the authentication, so they're the ones you should look at for why the RSA key isn't being accepted.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44wt7o6osn.fsf>