--- Michael Hoeller <[EMAIL PROTECTED]> wrote: > Hi all > > since 2 days I try to figgure out why I can not ssh > to a workstation. I > have attached the full output in the hope that some > one points me to > the right palce. I see that the missing rsa1 key is > searched for and > that a dsa key is used but non of my existing keys > is found in the > pubkey authentitaon. > > Thanks a lot > Michael > > > tamboti:~/.ssh # ssh -vvv ws002 > OpenSSH_3.9p1, OpenSSL 0.9.7d 17 Mar 2004 > debug1: Reading configuration data > /etc/ssh/ssh_config > debug1: Applying options for * > debug2: ssh_connect: needpriv 0 > debug1: Connecting to ws002 [192.168.55.221] port > 22. > debug1: Connection established. > debug1: permanently_set_uid: 0/0 > debug1: identity file /root/.ssh/identity type 0 > debug3: Not a RSA1 key file /root/.ssh/id_rsa. > debug2: key_type_from_name: unknown key type > '-----BEGIN' > debug3: key_read: missing keytype > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug2: key_type_from_name: unknown key type > '-----END' > debug3: key_read: missing keytype > debug1: identity file /root/.ssh/id_rsa type 1 > debug3: Not a RSA1 key file /root/.ssh/id_dsa. > debug2: key_type_from_name: unknown key type > '-----BEGIN' > debug3: key_read: missing keytype > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug2: key_type_from_name: unknown key type > '-----END' > debug3: key_read: missing keytype > debug1: identity file /root/.ssh/id_dsa type 2 > debug1: Remote protocol version 1.99, remote > software version > OpenSSH_3.7.1p2 > debug1: match: OpenSSH_3.7.1p2 pat OpenSSH* > debug1: Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-2.0-OpenSSH_3.9p1 > debug2: fd 3 setting O_NONBLOCK > debug1: SSH2_MSG_KEXINIT sent > debug1: SSH2_MSG_KEXINIT received > debug2: kex_parse_kexinit: > diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 > debug2: kex_parse_kexinit: ssh-rsa,ssh-dss > debug2: kex_parse_kexinit: > aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,[EMAIL PROTECTED],aes128-ctr,aes192-ctr,aes256-ctr > debug2: kex_parse_kexinit: > aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,[EMAIL PROTECTED],aes128-ctr,aes192-ctr,aes256-ctr > debug2: kex_parse_kexinit: > hmac-md5,hmac-sha1,hmac-ripemd160,[EMAIL PROTECTED],hmac-sha1-96,hmac-md5-96 > debug2: kex_parse_kexinit: > hmac-md5,hmac-sha1,hmac-ripemd160,[EMAIL PROTECTED],hmac-sha1-96,hmac-md5-96 > debug2: kex_parse_kexinit: none,zlib > debug2: kex_parse_kexinit: none,zlib > debug2: kex_parse_kexinit: > debug2: kex_parse_kexinit: > debug2: kex_parse_kexinit: first_kex_follows 0 > debug2: kex_parse_kexinit: reserved 0 > debug2: kex_parse_kexinit: > diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 > debug2: kex_parse_kexinit: ssh-rsa,ssh-dss > debug2: kex_parse_kexinit: > aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,[EMAIL PROTECTED],aes128-ctr,aes192-ctr,aes256-ctr > debug2: kex_parse_kexinit: > aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,[EMAIL PROTECTED],aes128-ctr,aes192-ctr,aes256-ctr > debug2: kex_parse_kexinit: > hmac-md5,hmac-sha1,hmac-ripemd160,[EMAIL PROTECTED],hmac-sha1-96,hmac-md5-96 > debug2: kex_parse_kexinit: > hmac-md5,hmac-sha1,hmac-ripemd160,[EMAIL PROTECTED],hmac-sha1-96,hmac-md5-96 > debug2: kex_parse_kexinit: none,zlib > debug2: kex_parse_kexinit: none,zlib > debug2: kex_parse_kexinit: > debug2: kex_parse_kexinit: > debug2: kex_parse_kexinit: first_kex_follows 0 > debug2: kex_parse_kexinit: reserved 0 > debug2: mac_init: found hmac-md5 > debug1: kex: server->client aes128-cbc hmac-md5 none > debug2: mac_init: found hmac-md5 > debug1: kex: client->server aes128-cbc hmac-md5 none > debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) > sent > debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP > debug2: dh_gen_key: priv key bits set: 133/256 > debug2: bits set: 538/1024 > debug1: SSH2_MSG_KEX_DH_GEX_INIT sent > debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY > debug3: check_host_in_hostfile: filename > /root/.ssh/known_hosts > debug3: check_host_in_hostfile: filename > /etc/ssh/ssh_known_hosts > debug3: check_host_in_hostfile: match line 2 > debug3: check_host_in_hostfile: filename > /root/.ssh/known_hosts > debug3: check_host_in_hostfile: match line 3 > debug1: Host 'ws002' is known and matches the RSA > host key. > debug1: Found key in /etc/ssh/ssh_known_hosts:2 > debug2: bits set: 532/1024 > debug1: ssh_rsa_verify: signature correct > debug2: kex_derive_keys > debug2: set_newkeys: mode 1 > debug1: SSH2_MSG_NEWKEYS sent > debug1: expecting SSH2_MSG_NEWKEYS > debug2: set_newkeys: mode 0 > debug1: SSH2_MSG_NEWKEYS received > debug1: SSH2_MSG_SERVICE_REQUEST sent > debug2: service_accept: ssh-userauth > debug1: SSH2_MSG_SERVICE_ACCEPT received > debug2: key: /root/.ssh/id_rsa (0x8096100) > debug2: key: /root/.ssh/id_dsa (0x8090c18) > debug1: Authentications that can continue: > publickey,keyboard-interactive > debug3: start over, passed a different list > publickey,keyboard-interactive > debug3: preferred > publickey,keyboard-interactive,password > debug3: authmethod_lookup publickey > debug3: remaining preferred: > keyboard-interactive,password > debug3: authmethod_is_enabled publickey > debug1: Next authentication method: publickey > debug1: Offering public key: /root/.ssh/id_rsa > debug3: send_pubkey_test > debug2: we sent a publickey packet, wait for reply > debug1: Authentications that can continue: > publickey,keyboard-interactive > debug1: Offering public key: /root/.ssh/id_dsa > debug3: send_pubkey_test > debug2: we sent a publickey packet, wait for reply > debug1: Authentications that can continue: > publickey,keyboard-interactive > debug2: we did not send a packet, disable method > debug3: authmethod_lookup keyboard-interactive > debug3: remaining preferred: password > debug3: authmethod_is_enabled keyboard-interactive > debug1: Next authentication method: > keyboard-interactive > debug2: userauth_kbdint > debug2: we sent a keyboard-interactive packet, wait > for reply > debug1: Authentications that can continue: > publickey,keyboard-interactive > debug3: userauth_kbdint: disable: no info_req_seen > debug2: we did not send a packet, disable method > debug1: No more authentication methods to try. > Permission denied (publickey,keyboard-interactive). > tamboti:~/.ssh # > Michael: Are the keys from PuTTY by chance? They need to be in the format of (for example):
**** ssh-dsa AAAAdfwerqwerqere... asdfasdfsdferr4= [EMAIL PROTECTED] **** Not: **** ---- BEGIN SSH2 PUBLIC KEY ---- Comment: "dsa-key-20060424" sdfsdf sdfdsfwer sdf ---- END SSH2 PUBLIC KEY ---- **** __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com