Hello,
I have trouble getting ssh with publickey authentication to work. The server I
am attenmpting to log in to is not setup by me, but everything indicates that
1) my user account exists on the machine(due to public_html page can be
visited); and 2) that the public key I sent was properly installed. The
server works fine for other users, and although it is possible the sysadmin
made a mistake in setting up my account, I think the error is on my side.
Perhaps someone can give a hint on where the problem is.
Below series of bash commands are perhaps illuminating. I can't tell more than
that authentication seems to fail.
bash-2.05b$ pwd
/home/frans
bash-2.05b$ ls .ssh/ -alFh
total 21K
drwxr-xr-x 2 frans users 160 Oct 23 20:26 ./
drwxrwxrwx 72 frans users 3.6K Oct 23 20:25 ../
-rw------- 1 frans users 736 Oct 23 18:53 id_dsa
-rw-r--r-- 1 frans users 604 Oct 23 18:53 id_dsa.pub
-rw-r--r-- 1 frans users 239 Oct 23 18:54 known_hosts
-rw-r--r-- 1 frans users 520 Oct 23 18:53 log.txt
bash-2.05b$
bash-2.05b$
bash-2.05b$ ssh -v -l englich englich@<DOMAIN NAME SNIPPED>
OpenSSH_4.2p1, OpenSSL 0.9.7d 17 Mar 2004
debug1: Reading configuration data /usr/local/etc/ssh_config
debug1: Connecting to <DOMAIN NAME SNIPPED> [IP-SNIPPED] port 22.
debug1: Connection established.
debug1: identity file /home/frans/.ssh/identity type -1
debug1: identity file /home/frans/.ssh/id_rsa type -1
debug1: identity file /home/frans/.ssh/id_dsa type 2
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.1
debug1: match: OpenSSH_4.1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '<DOMAIN NAME SNIPPED>' is known and matches the RSA host key.
debug1: Found key in /home/frans/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/frans/.ssh/identity
debug1: Trying private key: /home/frans/.ssh/id_rsa
debug1: Offering public key: /home/frans/.ssh/id_dsa
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).
bash-2.05b$
bash-2.05b$
bash-2.05b$ ssh-agent bash
bash-2.05b$ ssh-add
Enter passphrase for /home/frans/.ssh/id_dsa:
Identity added: /home/frans/.ssh/id_dsa (/home/frans/.ssh/id_dsa)
bash-2.05b$ ssh-add -l
1024 f1:88:2f:70:ba:80:e6:3c:a8:61:cc:cd:46:0e:11:89 /home/frans/.ssh/id_dsa
(DSA)
bash-2.05b$
bash-2.05b$ # If I now again issue `ssh -v -l englich
englich@<DOMAIN NAME SNIPPED>' I get the same output as above.
What slightly draws my attention is the verbose output from ssh which says
"debug1: Offering public key: /home/frans/.ssh/id_dsa", because id_dsa is my
private key("BEGIN DSA PRIVATE KEY", etc), but that's surely just the
message.
Any ideas what is wrong, or how I can set a better diagnosis? What does more
exactly "Permission denied (publickey)" mean?
Could it be that my private key does not correspond to my public key? If the
above commands wouldn't have triggered that, can I in some simple way check
that? What could otherwise be wrong?
Cheers,
Frans
