Hi Folks,

I am having a weird 'twilight zone' situation with my two servers and using passwordless RSA key exchange authentication. Basically, it is failing in one direction.

I have two machines, A (10.6.1.87) and machine B (10.6.1.86). Both run CentOS, both have latest packages of ssh etc.

On Machine A, as user 'user':
- create rsa key (works)
- 'ssh-copy-id -i ~/.ssh/id_rsa.pub user-Vytmb24aE72l5wQoFSNtmw at public.gmane.org' (works)
- 'ssh user-Vytmb24aE72l5wQoFSNtmw at public.gmane.org' lets me log into machine B (10.6.1.86) without requiring a password. This is what I want.

On Machine B, as user 'user':
- create rsa key (works)
- ssh-copy-id -i ~/.ssh/id_rsa.pub user-Vytmb24aE70LEDhOzmVu6g at public.gmane.org (works)
- 'ssh user-Vytmb24aE72l5wQoFSNtmw at public.gmane.org' prompts for a password. This is not what I want.

--------
Things I have tried.

- Upgrade ssh on both machines.
- re-keying both machines
- checking values in /etc/sysconfig/network so that the "HOSTNAME" value in the file is correct for each machine.
- confirmed that the returned values of 'uname -a' and 'uname -n' are as expected.
- checked that the returned value of 'hostname' is as expected.
- confirmed that pinging the 'other machine's' name returns the expected IP address
- deleted the 'other machine' from each machine's arp cache, re-pinged and checked arp table.
- checked the permissions of the '.ssh' directory on each machine, and even opened them (755) wide open to see if that helped (nope)
- run the ssh from machine B to machine A with the -vv option and I got interesting information (see below)

-----
Under debug I see this from the connection from A to B (this one works):

<snip Machine A to B debug output>
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/production/.ssh/identity
debug3: no such identity: /home/production/.ssh/identity
debug1: Offering public key: /home/production/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 277
debug2: input_userauth_pk_ok: SHA1 fp 48:b1:4a:33:ae:a6:e6:5c:f7:89:82:90:ce:ca:f9:e5:b9:1d:b7:c1
debug3: sign_and_send_pubkey
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Entering interactive session.
debug2: callback start
</snip Machine A to B debug output>

However, when I run this same thing on Machine B (going to machine A) the output looks like this:

<snip Machine B to A debug output>
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/production/.ssh/identity
debug3: no such identity: /home/production/.ssh/identity
debug1: Offering public key: /home/production/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Trying private key: /home/production/.ssh/id_dsa
debug3: no such identity: /home/production/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
production-Vytmb24aE70LEDhOzmVu6g at public.gmane.org's password:
</snip Machine B to A debug output>

As you can see, it appears as if machine A does not respond to the passing of the publickey packet.

This has eaten a whole day of my time, and in turn I have eaten every piece of junk food within 500 feet of my desk! Please can anyone point me in the right direction or help me out, as I don't think I can handle any more junk food, and I'm really really baffled!

thanks
Richard
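
The '.ssh' permission check from the list above, extended to all three paths sshd examines on the receiving machine, as an added example that is not part of the original post. It assumes sshd's StrictModes is at its default (yes) and keys are read from the default ~/.ssh/authorized_keys; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post. Run it on the machine that is
# refusing the key (the ssh server side), as root or as the account owner.
# Assumptions: StrictModes yes (sshd default), default authorized_keys path.

# path_ok PATH UID: succeeds when PATH is owned by UID or root and is not
# writable by group or others (the test sshd applies to each path).
path_ok() {
    target=$1; want=$2
    [ -e "$target" ] || { echo "MISSING $target"; return 1; }
    mode=$(ls -ldn "$target" | awk '{print $1}')    # e.g. drwx------
    owner=$(ls -ldn "$target" | awk '{print $3}')   # numeric owner uid
    if [ "$owner" != "$want" ] && [ "$owner" != 0 ]; then
        echo "BAD     $target owner uid $owner (want $want or 0)"
        return 1
    fi
    case $mode in
        ?????w*|????????w*)   # 6th char = group write, 9th = other write
            echo "BAD     $target mode $mode (group/other writable)"
            return 1 ;;
    esac
    echo "ok      $target $mode"
}

# check_account HOME UID: checks the home directory, ~/.ssh and
# ~/.ssh/authorized_keys; returns non-zero if any of them fails.
check_account() {
    rc=0
    for p in "$1" "$1/.ssh" "$1/.ssh/authorized_keys"; do
        path_ok "$p" "$2" || rc=1
    done
    return $rc
}

# Usage: sh check_strictmodes.sh /home/user "$(id -u user)"
if [ $# -eq 2 ]; then
    check_account "$1" "$2"
fi
```

Mode 755 on '.ssh' passes this check because it grants no write bit to group or others; a group-writable home directory fails it even when '.ssh' itself is 700.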