Go Back   AnandTech Forums > Software > *nix Software

Forums
· Hardware and Technology
· CPUs and Overclocking
· Motherboards
· Video Cards and Graphics
· Memory and Storage
· Power Supplies
· Cases & Cooling
· SFF, Notebooks, Pre-Built/Barebones PCs
· Networking
· Peripherals
· General Hardware
· Highly Technical
· Computer Help
· Home Theater PCs
· Consumer Electronics
· Digital and Video Cameras
· Mobile Devices & Gadgets
· Audio/Video & Home Theater
· Software
· Software for Windows
· All Things Apple
· *nix Software
· Operating Systems
· Programming
· PC Gaming
· Console Gaming
· Distributed Computing
· Security
· Social
· Off Topic
· Politics and News
· Discussion Club
· Love and Relationships
· The Garage
· Health and Fitness
· Home and Garden
· Merchandise and Shopping
· For Sale/Trade
· Hot Deals with Free Stuff/Contests
· Black Friday 2014
· Forum Issues
· Technical Forum Issues
· Personal Forum Issues
· Suggestion Box
· Moderator Resources
· Moderator Discussions
   

Reply
 
Thread Tools
Old 12-09-2007, 08:27 PM   #1
xSauronx
Lifer
 
xSauronx's Avatar
 
Join Date: Jul 2000
Location: Eastern NC
Posts: 19,326
Default ssh problem: no public key



Setup:

tower : vmware host : Debian Etch - actium
tower : vmware guest : CentOS 5 - vienna
Laptop : Ubuntu 7.10 - pergamum

i set up thevmware host today and wanted to have ssh running between all of the systems, so i go around with the sshd set to allow password use so i can copy the keys as i need them

then i set all the sshd servers to allow passwordless public key authentication

i can ssh FROM actium TO pergamum
FROM vienna TO pergamum
FROM pergamum TO actium
FROM actium TO vienna

i cant shh from actium or pergamum into vienna, as i get a "Permission Denied (no publickey)" error :/

but i cant figure out *why*. i did the exact same thing i did on the other two machines.

xsauronx@$client: scp ~/.ssh/id_rsa.pub $remotehost:~/.ssh/id_rsa.pub.$client
then from the remotehost
xsauronx@$remotehost: cat id_rsa.pub.$client >> authorized_keys

again, on the laptop and the vmware host machine, it works flawlessly

but i cant ssh into the CentOS guest with the key. If i enable cleartext passwords it works, but of course, thats not what I want

what can i do? am i overlooking something?

heres the /etc/ssh/sshd_config from vienna:

Quote:
# $OpenBS sshd_config,v 1.73 2005/12/06 22:38:28 reyk Exp $

# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.

#Port 22
#Protocol 2,1
Protocol 2
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key

# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 768

# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
SyslogFacility AUTHPRIV
#LogLevel INFO

# Authentication:

#LoginGraceTime 2m
PermitRootLogin no
StrictModes yes
MaxAuthTries 4

RSAAuthentication yes
PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
PermitEmptyPasswords yes



# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
ChallengeResponseAuthentication no

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPIAuthentication yes
#GSSAPICleanupCredentials yes
GSSAPICleanupCredentials yes

# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication mechanism.
# Depending on your PAM configuration, this may bypass the setting of
# PasswordAuthentication, PermitEmptyPasswords, and
# "PermitRootLogin without-password". If you just want the PAM account and
# session checks to run without PAM authentication, then enable this but set
# ChallengeResponseAuthentication=no
UsePAM no
#UsePAM yes

# Accept locale-related environment variables
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL
#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#ShowPatchLevel no
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10
#PermitTunnel no

# no default banner path
#Banner /some/path

# override default of no subsystems
Subsystem sftp /usr/libexec/openssh/sftp-server
__________________
LET'S GO 'CANES [they arent going anywhere. ever.]
Free speech doesn't protect speech you like, it protects speech you hate.

Heatware |
xSauronx is offline   Reply With Quote
Old 12-09-2007, 10:22 PM   #2
Skeeedunt
Platinum Member
 
Join Date: Oct 2005
Posts: 2,631
Default ssh problem: no public key

Permissions correct?

$ chmod 700 ~/.ssh
$ chmod 600 ~/.ssh/id_rsa

http://wiki.centos.org/HowTos/Network/SecuringSSH
__________________
Quote:
Originally Posted by Jaskalas View Post
PSA, when discovered to be wrong, do not double down.
Skeeedunt is offline   Reply With Quote
Old 12-10-2007, 09:49 AM   #3
Nothinman
Elite Member
 
Nothinman's Avatar
 
Join Date: Sep 2001
Posts: 30,672
Default ssh problem: no public key

Permissions are usually the problem, up the verbosity of ssh (or run the server in debug mode) and it'll probably tell you exactly what's wrong.
__________________
http://www.debian.org
Nothinman is offline   Reply With Quote
Old 12-10-2007, 08:25 PM   #4
xSauronx
Lifer
 
xSauronx's Avatar
 
Join Date: Jul 2000
Location: Eastern NC
Posts: 19,326
Default ssh problem: no public key

permissions was it, d'oh!

thanks guys
__________________
LET'S GO 'CANES [they arent going anywhere. ever.]
Free speech doesn't protect speech you like, it protects speech you hate.

Heatware |
xSauronx is offline   Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 08:08 PM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.