Hi, I guess it's OK to send the results of your second test. Something clearly goes haywire with the RSA offering, but I don't know why. I've used this system to ssh to other machines locally and remotely -- this is the first problem I've seen.
ssh -v [email protected] hostname OpenSSH_7.2p2 Ubuntu-4ubuntu2.4, OpenSSL 1.0.2g 1 Mar 2016 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug1: Connecting to cvs.savannah.gnu.org [208.118.235.201] port 22. debug1: Connection established. debug1: identity file /home/swhite/.ssh/id_rsa type 1 debug1: key_load_public: No such file or directory debug1: identity file /home/swhite/.ssh/id_rsa-cert type -1 debug1: identity file /home/swhite/.ssh/id_dsa type 2 debug1: key_load_public: No such file or directory debug1: identity file /home/swhite/.ssh/id_dsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/swhite/.ssh/id_ecdsa type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/swhite/.ssh/id_ecdsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/swhite/.ssh/id_ed25519 type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/swhite/.ssh/id_ed25519-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.4 debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Trisquel_GNU/linux_7.0-1 debug1: match: OpenSSH_6.6.1p1 Trisquel_GNU/linux_7.0-1 pat OpenSSH_6.6.1* compat 0x04000000 debug1: Authenticating to cvs.savannah.gnu.org:22 as 'Stevan_White' debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: algorithm: [email protected] debug1: kex: host key algorithm: ecdsa-sha2-nistp256 debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: Server host key: ecdsa-sha2-nistp256 SHA256:qRLLJ4w/GAeiDyYnbx4yWJbZXwGiYYxgNty7lAfUyuM debug1: Host 'cvs.savannah.gnu.org' is known and matches the ECDSA host key. debug1: Found key in /home/swhite/.ssh/known_hosts:9 debug1: rekey after 134217728 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: rekey after 134217728 blocks debug1: SSH2_MSG_NEWKEYS received debug1: Skipping ssh-dss key /home/swhite/.ssh/id_dsa - not in PubkeyAcceptedKeyTypes debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,password debug1: Next authentication method: publickey debug1: Offering RSA public key: /home/swhite/.ssh/id_rsa debug1: Authentications that can continue: publickey,password debug1: Trying private key: /home/swhite/.ssh/id_ecdsa debug1: Trying private key: /home/swhite/.ssh/id_ed25519 debug1: Next authentication method: password On Sat, Apr 7, 2018 at 12:57 AM, Bob Proulx <[email protected]> wrote: > Hi Steve, > >> I am trying to do commits from a new machine. I added its SSH public >> RSA key on the Savannah web page (for GNU FreeFont project), but for >> hours, neither SVN nor CVS works for me. Both are asking for a >> password. > > Looking in the logs doesn't show anything obvious. Seems like it > should be working. I looked quickly at your ssh keys in the database > and they looked okay. Since you say you are working from a new > machine then I suspect something there. Perhaps permissions. Usually > permissions must not be group writable anywhere up the directory tree > for example so be sure to check permissions. > >> Have i forgotten something? Or do key changes have to be authorized >> by somebody? > > Things should be working. Try this as a simple test. > > $ ssh [email protected] hostname > > You should see: > > You tried to execute: hostname > Sorry, you are not allowed to execute that command. > > That means things are working. But you might be seeing something > else. If so and the reason isn't obvious then try: > > ssh -v [email protected] hostname > > You should see something like (this is from me): > > debug1: Next authentication method: publickey > debug1: Offering public key: RSA > SHA256:ny9SZmnnLpUeTcmzt+pVpoxdH39AntZ+8Cb33tmCLzQ /home/rwp/.ssh/id_rsa > debug1: Server accepts key: pkalg ssh-rsa blen 279 > > If you don't then something is wrong with the public key offer. > Either permissions or something. > > Bob >
