Hello Rich, I suspect that something happened to your ~/.ssh/authorized_keys file on salmo, or you have a different user on salmo than on caddis, or something happened to your private key on caddis.
To tackle those in the revers order, run this commands on caddis and post the output here: ls -la ~/.ssh/ That will show your public and private keys as well as the permissions, which will help determining where the issue may be. It should look something like this: $ ls -la ~/.ssh/ total 24 drwx------ 2 rwcitek rwcitek 4096 Feb 7 15:09 . drwxr-x--- 10 rwcitek rwcitek 4096 Jan 8 19:32 .. -rw------- 1 rwcitek rwcitek 0 Oct 6 03:11 authorized_keys -rw------- 1 rwcitek rwcitek 668 Feb 7 15:09 id_dsa -rw-r--r-- 1 rwcitek rwcitek 605 Feb 7 15:09 id_dsa.pub -rw------- 1 rwcitek rwcitek 3243 Oct 6 03:11 id_rsa -rw-r----- 1 rwcitek rwcitek 741 Oct 6 03:11 id_rsa.pub You should have either the id_dsa* or id_rsa* pair of key files, or both sets, as I do. The *.pub extension is just the public key portion. If you do not have either, generate an RSA key pair with this command, accepting the defaults when prompted: $ ssh-keygen -t rsa Once you have a private key, then copy the corresponding public key to salmo with either of these commands: $ ssh-copy-id -i ~/.ssh/id_dsa.pub -p 22 rshepard@caddis $ ssh-copy-id -i ~/.ssh/id_rsa.pub -p 22 rshepard@caddis Of course, adjust username, port, and hostname as needed. Try those and let us know if that works or if you are still having issues connecting with keys. Regards, - Robert On Sat, Feb 7, 2015 at 11:38 AM, Rich Shepard <rshep...@appl-ecosys.com> wrote: > Some time in the past I lost key authentication when connecting from my > laptop to my server. Password works, but that's sent clear text so I want > to > get the server's /etc/ssh/sshd_config correct. > > When I try to connect to my server this is the output: > > [rshepard@caddis ~]$ ssh -v salmo > OpenSSH_6.7p1, OpenSSL 1.0.1k 8 Jan 2015 > debug1: Reading configuration data /home/rshepard/.ssh/config > debug1: Reading configuration data /etc/ssh/ssh_config > debug1: Connecting to salmo [192.168.55.1] port nnnn. > debug1: fd 3 clearing O_NONBLOCK > debug1: Connection established. > debug1: identity file /home/rshepard/.ssh/id_dsa type 2 > debug1: key_load_public: No such file or directory > debug1: identity file /home/rshepard/.ssh/id_dsa-cert type -1 > debug1: Remote protocol version 2.0, remote software version OpenSSH_6.7 > debug1: match: OpenSSH_6.7 pat OpenSSH* compat 0x04000000 > debug1: Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-2.0-OpenSSH_6.7 > debug1: SSH2_MSG_KEXINIT sent > debug1: SSH2_MSG_KEXINIT received > debug1: kex: server->client aes128-ctr umac-64-...@openssh.com none > debug1: kex: client->server aes128-ctr umac-64-...@openssh.com none > debug1: sending SSH2_MSG_KEX_ECDH_INIT > debug1: expecting SSH2_MSG_KEX_ECDH_REPLY > debug1: Server host key: ECDSA > 1c:f8:ee:fd:eb:fe:a8:dd:b4:1c:bd:ad:6d:cd:5e:e9 > debug1: Host '[salmo]:nnnn' is known and matches the ECDSA host key. > debug1: Found key in /home/rshepard/.ssh/known_hosts:28 > debug1: SSH2_MSG_NEWKEYS sent > debug1: expecting SSH2_MSG_NEWKEYS > debug1: SSH2_MSG_NEWKEYS received > debug1: Roaming not allowed by server > debug1: SSH2_MSG_SERVICE_REQUEST sent > debug1: SSH2_MSG_SERVICE_ACCEPT received > debug1: Authentications that can continue: publickey > debug1: Next authentication method: publickey > debug1: Offering DSA public key: /home/rshepard/.ssh/id_dsa > debug1: Authentications that can continue: publickey > debug1: No more authentication methods to try. > Permission denied (publickey). > > This suggests that I've lost my public key on the server. Is that the > situation? If so, I need to read up on how to re-generate my RSA/DSA key > pair using my passphrase, then put the public and private keys in the > correct hosts. > > TIA, > > Rich > > _______________________________________________ > PLUG mailing list > PLUG@lists.pdxlinux.org > http://lists.pdxlinux.org/mailman/listinfo/plug > _______________________________________________ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
