All,
I am running the openssh version 2.9 on Solaris 7.
I have the openssh server running on pc1 and client on
pc2. Both systems have the commerical ssh1/ssh2
installed, but turned off. I want to be able to use my
rsa keys for access from pc1 to pc2.
On pc1 I do a /utils/openssh/bin/ssh-keygen -t rsa
I wind up having this in ~/.ssh
-r-------- 1 myuser posse id_rsa
-r-------- 1 myuser posse id_rsa.pub
-rw-r--r-- 1 myuser posse known_hosts2
-rw------- 1 myuser posse prng_seed
I then scp id_rsa.pub to myuser@pc2:~./ssh
I login to pc2 and do
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys2
On pc1 I try both
/utils/openssh/bin/ssh -l myuser -v pc2
/utils/openssh/bin/ssh -2 -i /home/myuser/.ssh/id_rsa
-l myuser -v pc2
Both times it doens't use my key, it just defaults to
password access.
On both systems I have in the mian /utils/openssh/etc
dir:
$ more ssh_config
RSAAuthentication yes
PasswordAuthentication yes
IdentityFile ~/.ssh/identity
IdentityFile ~/.ssh/id_dsa
IdentityFile ~/.ssh/id_rsa
Port 22
Protocol 2,1
$ more sshd_config
Port 22
Protocol 2,1
HostKey /utils/openssh/etc/ssh_host_key
HostKey /utils/openssh/etc/ssh_host_rsa_key
HostKey /utils/openssh/etc/ssh_host_dsa_key
ServerKeyBits 768
LoginGraceTime 600
KeyRegenerationInterval 3600
PermitRootLogin yes
IgnoreRhosts yes
StrictModes yes
KeepAlive yes
SyslogFacility AUTH
LogLevel INFO
RSAAuthentication yes
PasswordAuthentication yes
PermitEmptyPasswords no
Subsystem sftp
/utils/openssh/libexec/sftp-server
I even includeed the debugging info from the above ssh
connections
On pc1 which has the id_rsa private key.
$ /utils/openssh/bin/ssh -i /home/myuser/.ssh/id_rsa
-l myuser -v pc2
OpenSSH_2.9p1, SSH protocols 1.5/2.0, OpenSSL
0x0090601f
debug1: Reading configuration data
/utils/openssh/etc/ssh_config
debug1: Seeded RNG with 39 bytes from programs
debug1: Seeded RNG with 3 bytes from system calls
debug1: Rhosts Authentication disabled, originating
port will not be trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 1024 geteuid 0 anon 1
debug1: Connecting to pc2 [2.2.2.94] port 22.
debug1: temporarily_use_uid: 1024/10 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 1024/10 (e=0)
debug1: restore_uid
debug1: Connection established.
debug1: read PEM private key done: type DSA
debug1: read PEM private key done: type RSA
debug1: identity file /home/myuser/.ssh/id_rsa type 1
debug1: identity file /home/myuser/.ssh/identity type
-1
debug1: identity file /home/myuser/.ssh/id_dsa type -1
debug1: identity file /home/myuser/.ssh/id_rsa type 1
debug1: Remote protocol version 1.99, remote software
version OpenSSH_2.9p1
debug1: match: OpenSSH_2.9p1 pat ^OpenSSH
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_2.9p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 128/256
debug1: bits set: 1027/2049
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'pc2' is known and matches the RSA host
key.
debug1: Found key in /home/myuser/.ssh/known_hosts2:1
debug1: bits set: 1038/2049
debug1: ssh_rsa_verify: signature correct
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue:
publickey,password,keyboard-interactive
debug1: next auth method to try is publickey
debug1: try pubkey: /home/myuser/.ssh/id_rsa
debug1: authentications that can continue:
publickey,password,keyboard-interactive
debug1: try privkey: /home/myuser/.ssh/identity
debug1: try privkey: /home/myuser/.ssh/id_dsa
debug1: try pubkey: /home/myuser/.ssh/id_rsa
debug1: authentications that can continue:
publickey,password,keyboard-interactive
debug1: next auth method to try is password
myuser@pc2's password:
Thanks.
__________________________________________________
Do You Yahoo!?
Yahoo! Auctions - buy the things you want at great prices
http://auctions.yahoo.com/
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
