[Touch-packages] [Bug 1858285] Re: SSH not honoring use of ~/.ssh/authorized_keys
[Expired for openssh (Ubuntu) because there has been no activity for 60 days.] ** Changed in: openssh (Ubuntu) Status: Incomplete => Expired -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1858285 Title: SSH not honoring use of ~/.ssh/authorized_keys Status in openssh package in Ubuntu: Expired Bug description: Have tested this successfully on other distros, used the same steps to updating /etc/ssh/sshd_config but SSH will not honor the use of ~/.ssh/authorized_keys. Simple test mkdir -m 700 ~/.ssh cd ~/.ssh ssh-keygen -t rsa -b 4096 press enter to accept the defaults and empty passphrase cp id_rsa.pub authorized_keys ssh localhost /bin/date works mv id-rsa $(hostname -s) mv id-rsa.pub $(hostname -s).pub ssh localhost /bin/date **fails. this works on CentOS, RHEL ProblemType: Bug DistroRelease: Ubuntu 19.10 Package: openssh-server 1:8.0p1-6build1 ProcVersionSignature: Ubuntu 5.3.0-1014.16-raspi2 5.3.10 Uname: Linux 5.3.0-1014-raspi2 aarch64 ApportVersion: 2.20.11-0ubuntu8.2 Architecture: arm64 Date: Sat Jan 4 12:42:58 2020 ExecutablePath: /usr/sbin/sshd ProcEnviron: LANG=C.UTF-8 PATH=(custom, no user) SourcePackage: openssh UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1858285/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1858285] Re: SSH not honoring use of ~/.ssh/authorized_keys
>From man ssh: -i identity_file Selects a file from which the identity (private key) for public key authentication is read. The default is ~/.ssh/id_dsa, ~/.ssh/id_ecdsa, ~/.ssh/id_ed25519 and ~/.ssh/id_rsa. Identity files may also be specified on a per-host basis in the configuration file. It is possible to have multiple -i options (and multiple identities specified in configuration files). If no certificates have been explicitly specified by the CertificateFile directive, ssh will also try to load certificate information from the filename obtained by appending -cert.pub to identity filenames. Accodring to that the above reported behavior is correct. I tried your case and found Fedora and Centos work the same way as Ubuntu. Note: filename is id_rsa not id-rsa Didn't work with "localhost" nor with a real hostname set in /etc/hosts This doesn't seem "SSH not honoring use of ~/.ssh/authorized_keys" to me. What you want seems to me more like "Try target hostname as -i argument ~/.ssh/.pub" is that right? You might also have an ssh-agent set up, that will pick up the key on first use and might try it. Maybe you happen to have that in your own ssh config? What you (seem to) want can be achieved by this entry in /etc/ssh/ssh_config: IdentityFile ~/.ssh/%h But that would just be a local config and not a bug. It might be discussed as default config, but people don't want to use keys by default too easily. All tested systems have no difference in their default configs in regard to IdentityFile. Do the systems that you report as working better have anything in /etc/ssh/ssh_config for it? ** Changed in: openssh (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1858285 Title: SSH not honoring use of ~/.ssh/authorized_keys Status in openssh package in Ubuntu: Incomplete Bug description: Have tested this successfully on other distros, used the same steps to updating /etc/ssh/sshd_config but SSH will not honor the use of ~/.ssh/authorized_keys. Simple test mkdir -m 700 ~/.ssh cd ~/.ssh ssh-keygen -t rsa -b 4096 press enter to accept the defaults and empty passphrase cp id_rsa.pub authorized_keys ssh localhost /bin/date works mv id-rsa $(hostname -s) mv id-rsa.pub $(hostname -s).pub ssh localhost /bin/date **fails. this works on CentOS, RHEL ProblemType: Bug DistroRelease: Ubuntu 19.10 Package: openssh-server 1:8.0p1-6build1 ProcVersionSignature: Ubuntu 5.3.0-1014.16-raspi2 5.3.10 Uname: Linux 5.3.0-1014-raspi2 aarch64 ApportVersion: 2.20.11-0ubuntu8.2 Architecture: arm64 Date: Sat Jan 4 12:42:58 2020 ExecutablePath: /usr/sbin/sshd ProcEnviron: LANG=C.UTF-8 PATH=(custom, no user) SourcePackage: openssh UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1858285/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1858285] Re: SSH not honoring use of ~/.ssh/authorized_keys
Update, possible workaround. Still a bug that needs permanently fixed as other distros honor ~/.ssh/authorized_keys properly with settings in /etc/ssh/sshd_config use a directive within the ~/.ssh/config file but seems it requires both private and public keys to be present/exchanged for the required hosts. host short_hostname hostname IPaddr_or_FQDN user username port 22 or other port if not 22 identityfile /home/username/.ssh/private_key_filename -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1858285 Title: SSH not honoring use of ~/.ssh/authorized_keys Status in openssh package in Ubuntu: New Bug description: Have tested this successfully on other distros, used the same steps to updating /etc/ssh/sshd_config but SSH will not honor the use of ~/.ssh/authorized_keys. Simple test mkdir -m 700 ~/.ssh cd ~/.ssh ssh-keygen -t rsa -b 4096 press enter to accept the defaults and empty passphrase cp id_rsa.pub authorized_keys ssh localhost /bin/date works mv id-rsa $(hostname -s) mv id-rsa.pub $(hostname -s).pub ssh localhost /bin/date **fails. this works on CentOS, RHEL ProblemType: Bug DistroRelease: Ubuntu 19.10 Package: openssh-server 1:8.0p1-6build1 ProcVersionSignature: Ubuntu 5.3.0-1014.16-raspi2 5.3.10 Uname: Linux 5.3.0-1014-raspi2 aarch64 ApportVersion: 2.20.11-0ubuntu8.2 Architecture: arm64 Date: Sat Jan 4 12:42:58 2020 ExecutablePath: /usr/sbin/sshd ProcEnviron: LANG=C.UTF-8 PATH=(custom, no user) SourcePackage: openssh UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1858285/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1858285] Re: SSH not honoring use of ~/.ssh/authorized_keys
mistyped, it's a problem in 17.10 as well so the same problem has persisted for a few releases. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1858285 Title: SSH not honoring use of ~/.ssh/authorized_keys Status in openssh package in Ubuntu: New Bug description: Have tested this successfully on other distros, used the same steps to updating /etc/ssh/sshd_config but SSH will not honor the use of ~/.ssh/authorized_keys. Simple test mkdir -m 700 ~/.ssh cd ~/.ssh ssh-keygen -t rsa -b 4096 press enter to accept the defaults and empty passphrase cp id_rsa.pub authorized_keys ssh localhost /bin/date works mv id-rsa $(hostname -s) mv id-rsa.pub $(hostname -s).pub ssh localhost /bin/date **fails. this works on CentOS, RHEL ProblemType: Bug DistroRelease: Ubuntu 19.10 Package: openssh-server 1:8.0p1-6build1 ProcVersionSignature: Ubuntu 5.3.0-1014.16-raspi2 5.3.10 Uname: Linux 5.3.0-1014-raspi2 aarch64 ApportVersion: 2.20.11-0ubuntu8.2 Architecture: arm64 Date: Sat Jan 4 12:42:58 2020 ExecutablePath: /usr/sbin/sshd ProcEnviron: LANG=C.UTF-8 PATH=(custom, no user) SourcePackage: openssh UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1858285/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1858285] Re: SSH not honoring use of ~/.ssh/authorized_keys
Also, i just tested this on Ubuntu 17.10 "Artful" as well so it seems to not be a problem for 19.10. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1858285 Title: SSH not honoring use of ~/.ssh/authorized_keys Status in openssh package in Ubuntu: New Bug description: Have tested this successfully on other distros, used the same steps to updating /etc/ssh/sshd_config but SSH will not honor the use of ~/.ssh/authorized_keys. Simple test mkdir -m 700 ~/.ssh cd ~/.ssh ssh-keygen -t rsa -b 4096 press enter to accept the defaults and empty passphrase cp id_rsa.pub authorized_keys ssh localhost /bin/date works mv id-rsa $(hostname -s) mv id-rsa.pub $(hostname -s).pub ssh localhost /bin/date **fails. this works on CentOS, RHEL ProblemType: Bug DistroRelease: Ubuntu 19.10 Package: openssh-server 1:8.0p1-6build1 ProcVersionSignature: Ubuntu 5.3.0-1014.16-raspi2 5.3.10 Uname: Linux 5.3.0-1014-raspi2 aarch64 ApportVersion: 2.20.11-0ubuntu8.2 Architecture: arm64 Date: Sat Jan 4 12:42:58 2020 ExecutablePath: /usr/sbin/sshd ProcEnviron: LANG=C.UTF-8 PATH=(custom, no user) SourcePackage: openssh UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1858285/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
