Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 2 Feb 2006 01:04:19 +0100
From:      "Daniel A." <ldrada@gmail.com>
To:        david bryce <davidbryce@fastmail.fm>
Cc:        Giorgos Keramidas <keramida@ceid.upatras.gr>, freebsd-questions@freebsd.org
Subject:   Re: SSH with Public Key Authentication (Was: Re: Attention: Giorgos Keramidas (Was: CVS Import Permissions))
Message-ID:  <5ceb5d550602011604p45bf08dfx21e972f44736f879@mail.gmail.com>
In-Reply-To: <1138836616.370.253326484@webmail.messagingengine.com>
References:  <1138676399.30955.253148220@webmail.messagingengine.com> <20060131094135.GA2042@flame.pc> <1138836616.370.253326484@webmail.messagingengine.com>

next in thread | previous in thread | raw e-mail | index | archive | help
Try one or more of the following things:
- Use puttygen to import your private key, and then export as .ppk
- Load your key.ppk into pageant, and let it manage your private key(s)
- Log in using your private key from the server (ie. login to the
server with your password, and then from the shell ssh
username@localhost).

Please inform me of your results.

On 2/2/06, david bryce <davidbryce@fastmail.fm> wrote:
> On Tue, 31 Jan 2006 11:41:35 +0200, "Giorgos Keramidas"
> <keramida@ceid.upatras.gr> said:
> > > Giorgos,
> > >
> > > Thanks very much for replying! I wasn't aware of this environment
> > > variable (even though I spent quite a while on this problem). Using
> > > CVSUMASK certainly works when working on the server machine!
> > >
> > > We are currently using a pserver installation, with developers using
> > > windows machines. We need a way to achieve the same effect with a use=
r on
> > > a windows machine doing an import. Do you have any idea how this can =
be
> > > done? Thank you!
> >
> > I'm not sure.  I know that the setting of CVSUMASK on the server machin=
e
> > works if you use SSH tunneling though.  If it's not too much trouble, y=
ou
> > can set up SSH-based authentication instead of :pserver: and make sure
> > the
> > .bashrc or .cshrc of the developers on the server machine sets CVSUMASK
> > correctly.
> >
> > SSH-tunneled CVS is what the FreeBSD project uses in the official CVS
> > repository, so I guess this setup works as expected :)
>
> Giorgos,
>
> Thanks again for taking the time to reply. I have tried using SSH in
> the past, and got stuck setting up the public key login (that's
> why we're using pserver).
>
> I spent a few hours yesterday trying to get SSH going again. I can
> login with SSH from the windows machine using Putty, but only when
> I use password authentication. In order to use cvs with ssh (using
> the plink program in Putty), we must use public key authentication.
>
> We are getting a 'Key Refused' error when trying to use public key
> authentication. I have tried doing several things including editing
> the /etc/ssh/sshd_config file:
>
> PubkeyAuthentication yes
> AuthorizedKeysFile      .ssh/authorized_keys
>
> We also had to make these changes in order to get password based
> ssh to work:
>
> UsePAM no
> PermitRootLogin yes
>
> We also tried putting the public key into various files:
> .ssh/authorized_keys
> .ssh/authorized_keys2
> .ssh2/authorized_keys
> .ssh2/authorized_keys2
>
> (and made sure they are not group/world writable. The keys are
> SSH2 DSA 1024 bits)
>
> I tried looking in the /var/log/auth.log file, and what I'm seeing
> is:
>
> Feb  2 10:19:26 mail1 sshd2[15343]: connection from "xxx.xx.xxx.x"
> Feb  2 10:19:26 mail1 sshd2[15344]: WARNING: DNS lookup failed for
> "xxx.xx.xxx.\
> x".
> Feb  2 10:19:29 mail1 sshd2[15344]: Local disconnected: Connection
> closed.
> Feb  2 10:19:29 mail1 sshd2[15344]: connection lost: 'Connection
> closed.'
>
> (I set "LogLevel DEBUG3" in sshd_config. I don't think the DNS
> error is relevant, because password based ssh is working. But
> I could wrong. What do you think?)
>
> Do you have any idea where I can look to find out why the key is
> being refused? Are there any other logfiles other than auth.log
> that could give a clue to what's going wrong? Thanks!
>
> Regards,
>
> DB
> --
>   david bryce
>   davidbryce@fastmail.fm
>
> --
> http://www.fastmail.fm - A fast, anti-spam email service.
>
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.o=
rg"
>



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5ceb5d550602011604p45bf08dfx21e972f44736f879>