ssh to server is not working

jastanle84 · July 21, 2010, 2:38pm

When we

ssh -i private key user@ip

we get the password prompt. The sending servers public key is in the receiving server. We have blown away the known_hosts file on the sending server and restarted the ssh connection. We don't know what else to do. Any other suggestions?

jim_mcnamara · July 21, 2010, 3:23pm

This sounds like ssh1. Or you think it is. What does

ssh -V

show -- when executed on both the local and remote side ?

ygemici · July 21, 2010, 3:46pm

is not running ssh server on remote or ssh connection is not working that you wanted?

jastanle84 · July 22, 2010, 8:27am

When we run ssh -v it looks like it gets a connection then when it goes into autentication mode it asks for public key and the authentication method disables and goes through keyboard-interactive authentication mode then onto password authentication mode where it finally asks for a password to connect. I don't understand why the public key authentication mode is not working. We recently made some updates to the server. I believe the problem lies on the remote server as the home server can connect to other servers with no problem. What are some files I could check to see if they may have gotten corrupted or lost?

ygemici · July 22, 2010, 10:17am

 
# chmod 700 ~/.ssh
# chmod 600 ~/.ssh/authorized_keys
# service sshd restart

and try again

jastanle84 · July 22, 2010, 1:54pm

Permissions are set and restarted sshd. Still having the same problem. Does NFS have anything to do with issue because NFS is started on the machines that work but not started on the machine that does not work? Just throwing things out there. Keep suggestions coming please.

Ikon · July 22, 2010, 2:07pm

Look in the syslog on the server.

/usr/adm/syslog/syslog.log

jastanle84 · July 22, 2010, 3:23pm

Nothing unusual in the syslog.

ygemici · July 22, 2010, 3:40pm

did you check your public key on remote server ?

and you can write "ssh -vv " output in the forum ?

jastanle84 · July 23, 2010, 7:45am

I have been asked to post the ssh -vv output and I have been told that I cannot post this information as it contains too much proprietary info. All I can tell you is reference my post stating the authentication method fails to password authentication after it does a successful connection. Also, I referenced the syslog.log and it is saying

. I referenced the internet and a few sources are saying exactly what ygemici posted on the permissions. Any other suggestions?

Ikon · July 23, 2010, 7:55am

Make sure the home directory is: drwxr-x---

and ~/.ssh drwxr-x---

and authorized_keys -rw-r-----

jastanle84 · July 23, 2010, 8:02am

All directories have sufficient permissions.

Ikon · July 23, 2010, 8:08am

According to: Authentication refused: bad ownership or modes for directory /home

this is where your problem is, it gives that error when the permissions of home are to relaxed. Set it to what I recommended and try it. I had the same thing in the past and this is how I fixed it. Even try the home directory as 700 if 750 still gives same error.

jastanle84 · July 23, 2010, 8:31am

750 on the home directory fixed it. This still does not explain why permissions are different on this server compared to other servers with the same accounts who have the same permissions set to 770. Any explanations on why this may be?

Ikon · July 23, 2010, 8:36am

Not sure, but you can compare /opt/ssh/etc/sshd_config files on the servers.

Are they all the same HP-UX version? I know there were some changes in security when going to v11.31.

jastanle84 · July 23, 2010, 8:55am

No such luck finding any config issues. Thanks for the help all and I will post if I find any more updates.