Hi
I hope someone can spot what is wrong with this ssh connection as it has me baffled.
I am trying to set up a remote ssh connection (passwordless) to a remote 'server', (Ubuntu laptop at home).
I have tried these steps with rsa and dsa key types, (currently dsa) -
1) ssh-keygen -t rsa -f bsa -P ''
2) cat bsa.pub | ssh brad@tx5xn 'cat >> .ssh/authorized_keys'
3) cat bsa.pub >> authorized_keys
4) Try to log into remote machine (tx5xn) -
/home/brad/.ssh >ssh brad@tx5xn
Agent admitted failure to sign using the key.
brad@tx5xn's password:
Same error for ssh into local host
Tried changing authorized_keys to authorized_keys2
Tried chmod 0640 for authorized_keys
Deleted all files above and the same with dsa key
I found that if I logged into the remote machine and executed these
commands then I could log in remotely from another session
without a password. But when I logged out from both sessions
and tried to log in again I was once again blocked and asked for a
password.
chmod go-w ~/
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
Listing one is the verbose output from the time I could log in without a password. (After executing the above on the remote server).
Listing two is when I am blocked. After logging out of both sessions and trying to log back in.
BTW, I have added the same key bsa.pub to my authorized keys file on my local client and can ssh into myself without a password reliably.
I don't understand why I can't get the passwordless connection to remain stable on the remote server.
Any ideas?
Listing One (Temporary success) =======================
/home/brad/.ssh >ssh -v brad@tx5xn
OpenSSH_5.9p1 Debian-5ubuntu1, OpenSSL 1.0.1 14 Mar 2012
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to tx5xn [192.168.1.65] port 22.
debug1: Connection established.
debug1: identity file /home/brad/.ssh/id_rsa type -1
debug1: identity file /home/brad/.ssh/id_rsa-cert type -1
debug1: identity file /home/brad/.ssh/id_dsa type -1
debug1: identity file /home/brad/.ssh/id_dsa-cert type -1
debug1: identity file /home/brad/.ssh/id_ecdsa type -1
debug1: identity file /home/brad/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-5ubuntu1
debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: RSA 51:80:8b:c9:78:2a:13:bb:28:75:ad:83:b8:8d:91:1d
debug1: Host 'tx5xn' is known and matches the RSA host key.
debug1: Found key in /home/brad/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering DSA public key: brad@ubuntu-dt64
debug1: Server accepts key: pkalg ssh-dss blen 433
debug1: Authentication succeeded (publickey).
Authenticated to tx5xn ([192.168.1.65]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = en_GB.UTF-8
Welcome to Ubuntu 12.04.1 LTS (GNU/Linux 3.2.0-30-generic i686)
* Documentation: https://help.ubuntu.com/
3 packages can be updated.
0 updates are security updates.
Last login: Mon Sep 10 11:58:14 2012 from ubuntu-dt64.home
/home/brad>logout
Listing Two (Reverts to prompting for password) ===============
/home/brad/.ssh >ssh -v brad@tx5xn
OpenSSH_5.9p1 Debian-5ubuntu1, OpenSSL 1.0.1 14 Mar 2012
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to tx5xn [192.168.1.65] port 22.
debug1: Connection established.
debug1: identity file /home/brad/.ssh/id_rsa type -1
debug1: identity file /home/brad/.ssh/id_rsa-cert type -1
debug1: identity file /home/brad/.ssh/id_dsa type -1
debug1: identity file /home/brad/.ssh/id_dsa-cert type -1
debug1: identity file /home/brad/.ssh/id_ecdsa type -1
debug1: identity file /home/brad/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-5ubuntu1
debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: RSA 51:80:8b:c9:78:2a:13:bb:28:75:ad:83:b8:8d:91:1d
debug1: Host 'tx5xn' is known and matches the RSA host key.
debug1: Found key in /home/brad/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering DSA public key: brad@ubuntu-dt64
debug1: Authentications that can continue: publickey,password
debug1: Offering DSA public key: bsa
debug1: Authentications that can continue: publickey,password
debug1: Offering RSA public key: brad@ubuntu-dt64
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/brad/.ssh/id_rsa
debug1: Trying private key: /home/brad/.ssh/id_dsa
debug1: Trying private key: /home/brad/.ssh/id_ecdsa
debug1: Next authentication method: password
brad@tx5xn's password:
Files in .ssh directory on client -
-rw-rw-r-- 1 brad brad 606 Sep 10 11:37 authorized_keys2
-rw------- 1 brad brad 668 Sep 10 11:33 bsa
-rw-r--r-- 1 brad brad 606 Sep 10 11:33 bsa.pub
Files in Server side
-rw------- 1 brad brad 606 Sep 10 11:36 authorized_keys2
also tried
-rw-r--r-- 1 brad brad 606 Sep 10 11:36 authorized_keys2