Date: Fri, 18 Jan 2002 18:39:59 -0500 (EST) From: Trevor Johnson <trevor@jpj.net> To: Neil McGann <neil@neilmcgann.co.uk> Cc: freebsd-security@FreeBSD.ORG Subject: Re: openssh problem Message-ID: <20020118182945.B11968-100000@blues.jpj.net> In-Reply-To: <5.1.0.14.0.20020118231321.00a43230@pop.ntlworld.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> Hi All, Hi, Neil. > I have a problem with 4.5-RC and openssh 3.0.2 accepting public keys. > Normal password authentication via ssh works OK and I have tested the keys > on another server running 4.3 (free logon account with to > m-net.arbornet.org) with my client (putty V0.45beta) so I know they are valid. > > When I attempt to logon to my machine I get a message saying 'server > refused our key' and when I turn debug messages on in sshd_conf I see PAM > failing to authorise type 'publickey'. I get the same message if I have no > keys in the authorized_keys file or if the file isn't there at all. Possibly you are connecting with protocol version 2, but you generated a public key for protocol version 1 (or vice versa). Check the FILES section of the ssh-keygen man page (paragraphs about $HOME/.ssh/identity.pub and $HOME/.ssh/id_dsa.pub). Try making a DSA key and putting it in ~/.ssh/authorized_keys2. Protocol version 1 is less secure. If that isn't the problem, try the -v option to the ssh client. -- Trevor Johnson To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020118182945.B11968-100000>