SSH key worked ONCE
87 views
Skip to first unread message
Andrew
Feb 26, 2011, 10:14:35 PM2/26/11
to DataStorageUnit
I created an ssh key and was able to log and run rsync without having
to input my password.
I started the rsync session and then cancelled it. Now, I am always
asked for my password. Obviously, there are limitations of some sort
that I am unaware of.
Can someone who is less of a newbie than me give me some insight? I
need to fix this so that I can automate my data transfer.
Thanks!
to input my password.
I started the rsync session and then cancelled it. Now, I am always
asked for my password. Obviously, there are limitations of some sort
that I am unaware of.
Can someone who is less of a newbie than me give me some insight? I
need to fix this so that I can automate my data transfer.
Thanks!
Sean Colgan
Feb 27, 2011, 1:49:23 PM2/27/11
to datasto...@googlegroups.com
Possible scenario:
Your rsync was from your home directory on the local machine to the home directory on the remote machine? The process overwrote the 'authorized_keys' file on the remote machine with one from your local?
Does that seem plausible?
Sean
Your rsync was from your home directory on the local machine to the home directory on the remote machine? The process overwrote the 'authorized_keys' file on the remote machine with one from your local?
Does that seem plausible?
Sean
|
-- There are two kinds of people in this world... Those who use vim, and those who don't know they'd rather use vim. |
Andrew
Feb 27, 2011, 5:49:17 PM2/27/11
to DataStorageUnit
I like that theory; it's totally the kind of thing I'd miss. Except
the sync wasn't from my home dir on the local machine. Damn, 'cause
that would have been an easy fix.
Checked the authorized_keys file anyway, and it appears to be
untouched (same size, same timestamp).
Thanks, though.
the sync wasn't from my home dir on the local machine. Damn, 'cause
that would have been an easy fix.
Checked the authorized_keys file anyway, and it appears to be
untouched (same size, same timestamp).
Thanks, though.
Peter Bruin
Feb 27, 2011, 10:49:45 PM2/27/11
to datasto...@googlegroups.com
One more thing you should check! Make sure the permissions on the .ssh
folder content is set to 600, rw for owner only. Otherwise key based
authentication is likely to fail. This is something of the last year or
so, older versions of ssh do not have this restriction.
folder content is set to 600, rw for owner only. Otherwise key based
authentication is likely to fail. This is something of the last year or
so, older versions of ssh do not have this restriction.
Rusty Nejdl
Feb 28, 2011, 11:14:43 AM2/28/11
to datasto...@googlegroups.com
Funny enough, I had this exact same problem and just had to send my key over again and that fixed it. I'm not even sure how I overwrote the authorized keys file.
Rusty Nejdl
Rusty Nejdl
Andrew
Mar 2, 2011, 1:13:21 AM3/2/11
to DataStorageUnit
Hi Peter,
I'd had mine set to 700, so I sent my key over again (as suggested by
Rusty) and chmoded both the .ssh folder and the authorized_keys files
to 600. Still no good. ssh to dsu still asks for password.
A.
I'd had mine set to 700, so I sent my key over again (as suggested by
Rusty) and chmoded both the .ssh folder and the authorized_keys files
to 600. Still no good. ssh to dsu still asks for password.
A.
Peter Bruin
Mar 2, 2011, 1:29:37 AM3/2/11
to datasto...@googlegroups.com
The access restrictions are for your local machine, not for the dsu system.
When I change the local access to id_dsa file to 666 I get a warning
that my private key is unprotected and is ignored.
When I change the local access to id_dsa file to 666 I get a warning
that my private key is unprotected and is ignored.
This is when I test using Ubuntu.
As a last resort I would suggest regenerating your keys and starting
again. Maybe your key is corrupted.
ssh root@xxxxx
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0666 for '~/.ssh/id_dsa' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: ~/.ssh/id_dsa
root@xxxxx's password:
Andrew
Mar 2, 2011, 7:02:20 AM3/2/11
to DataStorageUnit
Hi Peter,
Thanks again.
Locally, the permissions for the private key are set at 600, and the
permissions for the public key are 644.
I'm not confident that regenerating the key would help, as this is
already the second time (second key) I've had the same problem. If I
can't come up with any other ideas, I will give that a try again.
Maybe this time I can pay closer attention to what happens after it
works the first time.
Cheers,
Andrew
Thanks again.
Locally, the permissions for the private key are set at 600, and the
permissions for the public key are 644.
I'm not confident that regenerating the key would help, as this is
already the second time (second key) I've had the same problem. If I
can't come up with any other ideas, I will give that a try again.
Maybe this time I can pay closer attention to what happens after it
works the first time.
Cheers,
Andrew
Andrew
Mar 3, 2011, 5:10:05 AM3/3/11
to DataStorageUnit
Okay, have recreated the key twice. Tried dsa and rsa.
Here is the process:
ssh-keygen -t rsa -b 2048
scp id_rsa.pub file to dsu and put it in the .ssh directory I created
in my home and chmoded to 700.
Changed the filename to 'authorized_keys' and chmoded it to 600.
Permission on local files are
-rw------- 1 root root 1675 2011-03-03 18:44 id_rsa
-rw-r--r-- 1 root root 393 2011-03-03 18:44 id_rsa.pub
Can't even get it to work once now. I must be doing something wrong,
and knowing me it's something crazy simple.
Verbose output from ssh:
Sun_SSH_1.5, SSH protocols 1.5/2.0, OpenSSL 0x009080bf
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be
trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to storage1.datastorageunit.com [173.190.59.43]
port 22.
debug1: Connection established.
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type 1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version
OpenSSH_5.3p1 Debian-3ubuntu5
debug1: match: OpenSSH_5.3p1 Debian-3ubuntu5 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-Sun_SSH_1.5
debug1: use_engine is 'yes'
debug1: pkcs11 engine initialized, now setting it as default for RSA,
DSA, and symmetric ciphers
debug1: pkcs11 engine initialization complete
debug1: Failed to acquire GSS-API credentials for any mechanisms (No
credentials were supplied, or the credentials were unavailable or
inaccessible
Unknown code 0
)
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: Peer sent proposed langtags, ctos:
debug1: Peer sent proposed langtags, stoc:
debug1: We proposed langtags, ctos: en-US
debug1: We proposed langtags, stoc: en-US
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 130/256
debug1: bits set: 1031/2048
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'storage1.datastorageunit.com' is known and matches the
RSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug1: bits set: 1066/2048
debug1: ssh_rsa_verify: signature correct
debug1: set_newkeys: setting new keys for 'out' mode
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: set_newkeys: setting new keys for 'in' mode
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug1: Trying public key: /root/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Next authentication method: password
Cheers,
Andrew
Here is the process:
ssh-keygen -t rsa -b 2048
scp id_rsa.pub file to dsu and put it in the .ssh directory I created
in my home and chmoded to 700.
Changed the filename to 'authorized_keys' and chmoded it to 600.
Permission on local files are
-rw------- 1 root root 1675 2011-03-03 18:44 id_rsa
-rw-r--r-- 1 root root 393 2011-03-03 18:44 id_rsa.pub
Can't even get it to work once now. I must be doing something wrong,
and knowing me it's something crazy simple.
Verbose output from ssh:
Sun_SSH_1.5, SSH protocols 1.5/2.0, OpenSSL 0x009080bf
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be
trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to storage1.datastorageunit.com [173.190.59.43]
port 22.
debug1: Connection established.
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type 1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version
OpenSSH_5.3p1 Debian-3ubuntu5
debug1: match: OpenSSH_5.3p1 Debian-3ubuntu5 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-Sun_SSH_1.5
debug1: use_engine is 'yes'
debug1: pkcs11 engine initialized, now setting it as default for RSA,
DSA, and symmetric ciphers
debug1: pkcs11 engine initialization complete
debug1: Failed to acquire GSS-API credentials for any mechanisms (No
credentials were supplied, or the credentials were unavailable or
inaccessible
Unknown code 0
)
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: Peer sent proposed langtags, ctos:
debug1: Peer sent proposed langtags, stoc:
debug1: We proposed langtags, ctos: en-US
debug1: We proposed langtags, stoc: en-US
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 130/256
debug1: bits set: 1031/2048
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'storage1.datastorageunit.com' is known and matches the
RSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug1: bits set: 1066/2048
debug1: ssh_rsa_verify: signature correct
debug1: set_newkeys: setting new keys for 'out' mode
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: set_newkeys: setting new keys for 'in' mode
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug1: Trying public key: /root/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Next authentication method: password
Cheers,
Andrew
Martin Larsen
Mar 3, 2011, 7:04:05 AM3/3/11
to datasto...@googlegroups.com
This is how I do it:
ssh-keygen
ssh-copy-id user...@storage1.datastorageunit.com
I just use the default options.
Andrew
Mar 3, 2011, 7:26:12 AM3/3/11
to DataStorageUnit
Thanks for the reply.
I don't have the ssh-copy-id script on my system, but it just does the
same thing as scp.
A.
> ssh-copy-id usern...@storage1.datastorageunit.com
I don't have the ssh-copy-id script on my system, but it just does the
same thing as scp.
A.
> ssh-copy-id usern...@storage1.datastorageunit.com
>
> I just use the default options.
>
> I just use the default options.
>
Sean Colgan
Mar 3, 2011, 11:41:48 PM3/3/11
to datasto...@googlegroups.com
It looks like you've got a permission issue. Your key-pair is owned by root, not you. Either that or you're trying to ssh as root. In general this doesn't work. Your ssh key-pair should be 700 owned by you on your machine and (remote) you on the remote machine.
Hope this helps. I'm sure this is infuriating! :)
Sean
Hope this helps. I'm sure this is infuriating! :)
Sean
Andrew
Mar 4, 2011, 7:12:06 AM3/4/11
to DataStorageUnit
Hi Sean,
Thanks for the reply. Indeed, this is making me crazy.
I've regenerated the key under my username, set the permissions to 700
on the key pair, copied the public key over to the server, and chmoded
it to 700 as well.
Still not working.
Sun_SSH_1.5, SSH protocols 1.5/2.0, OpenSSL 0x009080bf
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be
trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to storage1.datastorageunit.com [173.190.59.43]
port 22.
debug1: Connection established.
debug1: identity file /export/home/andrew/.ssh/identity type -1
debug1: identity file /export/home/andrew/.ssh/id_rsa type 1
debug1: identity file /export/home/andrew/.ssh/id_dsa type -1
debug1: bits set: 1048/2048
debug1: bits set: 1042/2048
debug1: Trying public key: /export/home/andrew/.ssh/id_rsa
Any further insight would be highly valued.
Cheers,
Andrew
Thanks for the reply. Indeed, this is making me crazy.
I've regenerated the key under my username, set the permissions to 700
on the key pair, copied the public key over to the server, and chmoded
it to 700 as well.
Still not working.
Sun_SSH_1.5, SSH protocols 1.5/2.0, OpenSSL 0x009080bf
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be
trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to storage1.datastorageunit.com [173.190.59.43]
port 22.
debug1: Connection established.
debug1: identity file /export/home/andrew/.ssh/id_rsa type 1
debug1: identity file /export/home/andrew/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version
OpenSSH_5.3p1 Debian-3ubuntu5
debug1: match: OpenSSH_5.3p1 Debian-3ubuntu5 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-Sun_SSH_1.5
debug1: use_engine is 'yes'
debug1: pkcs11 engine initialized, now setting it as default for RSA,
DSA, and symmetric ciphers
debug1: pkcs11 engine initialization complete
debug1: Failed to acquire GSS-API credentials for any mechanisms (No
credentials were supplied, or the credentials were unavailable or
inaccessible
Unknown code 0
)
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: Peer sent proposed langtags, ctos:
debug1: Peer sent proposed langtags, stoc:
debug1: We proposed langtags, ctos: en-US
debug1: We proposed langtags, stoc: en-US
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 144/256
OpenSSH_5.3p1 Debian-3ubuntu5
debug1: match: OpenSSH_5.3p1 Debian-3ubuntu5 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-Sun_SSH_1.5
debug1: use_engine is 'yes'
debug1: pkcs11 engine initialized, now setting it as default for RSA,
DSA, and symmetric ciphers
debug1: pkcs11 engine initialization complete
debug1: Failed to acquire GSS-API credentials for any mechanisms (No
credentials were supplied, or the credentials were unavailable or
inaccessible
Unknown code 0
)
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: Peer sent proposed langtags, ctos:
debug1: Peer sent proposed langtags, stoc:
debug1: We proposed langtags, ctos: en-US
debug1: We proposed langtags, stoc: en-US
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: bits set: 1048/2048
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'storage1.datastorageunit.com' is known and matches the
RSA host key.
debug1: Found key in /export/home/andrew/.ssh/known_hosts:1
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'storage1.datastorageunit.com' is known and matches the
RSA host key.
debug1: bits set: 1042/2048
debug1: ssh_rsa_verify: signature correct
debug1: set_newkeys: setting new keys for 'out' mode
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: set_newkeys: setting new keys for 'in' mode
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /export/home/andrew/.ssh/identity
debug1: set_newkeys: setting new keys for 'out' mode
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: set_newkeys: setting new keys for 'in' mode
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying public key: /export/home/andrew/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /export/home/andrew/.ssh/id_dsa
debug1: Next authentication method: password
And then it asks for my password.
Any further insight would be highly valued.
Cheers,
Andrew
Sean Colgan
Mar 4, 2011, 11:48:54 AM3/4/11
to datasto...@googlegroups.com
Hmm... Thought I may have had that one.
Here's the full debug session when I log in and it works. Try 'ssh -vvv you@dsu...' to get debug level3 output and compare it. Off the top of my head it looks like you're running Solaris? Of course there's no reason it shouldn't work, but maybe the ssh configuration is slightly different.
Good luck.
Sean
sean@Oberon:~$ ssh -vvv ped...@storage1.datastorageunit.com
OpenSSH_5.5p1 Debian-4ubuntu5, OpenSSL 0.9.8o 01 Jun 2010
Here's the full debug session when I log in and it works. Try 'ssh -vvv you@dsu...' to get debug level3 output and compare it. Off the top of my head it looks like you're running Solaris? Of course there's no reason it shouldn't work, but maybe the ssh configuration is slightly different.
Good luck.
Sean
sean@Oberon:~$ ssh -vvv ped...@storage1.datastorageunit.com
OpenSSH_5.5p1 Debian-4ubuntu5, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug2: ssh_connect: needpriv 0
debug1: Connecting to storage1.datastorageunit.com [173.190.59.43] port 22.
debug1: Connection established.
debug3: Not a RSA1 key file /home/sean/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/sean/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /home/sean/.ssh/id_rsa-cert type -1
debug1: identity file /home/sean/.ssh/id_dsa type -1
debug1: identity file /home/sean/.ssh/id_dsa-cert type -1
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/sean/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /home/sean/.ssh/id_rsa-cert type -1
debug1: identity file /home/sean/.ssh/id_dsa type -1
debug1: identity file /home/sean/.ssh/id_dsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3p1 Debian-3ubuntu5
debug1: match: OpenSSH_5.3p1 Debian-3ubuntu5 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.5p1 Debian-4ubuntu5
debug2: fd 3 setting O_NONBLOCK
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa-...@openssh.com,ssh-dss-...@openssh.com,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijnda...@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijnda...@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,uma...@openssh.com,hmac-ripemd160,hmac-ri...@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,uma...@openssh.com,hmac-ripemd160,hmac-ri...@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zl...@openssh.com,zlib
debug2: kex_parse_kexinit: none,zl...@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijnda...@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijnda...@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,uma...@openssh.com,hmac-ripemd160,hmac-ri...@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,uma...@openssh.com,hmac-ripemd160,hmac-ri...@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zl...@openssh.com
debug2: kex_parse_kexinit: none,zl...@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-md5
debug2: kex_parse_kexinit: ssh-rsa-...@openssh.com,ssh-dss-...@openssh.com,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijnda...@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijnda...@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,uma...@openssh.com,hmac-ripemd160,hmac-ri...@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,uma...@openssh.com,hmac-ripemd160,hmac-ri...@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zl...@openssh.com,zlib
debug2: kex_parse_kexinit: none,zl...@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijnda...@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijnda...@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,uma...@openssh.com,hmac-ripemd160,hmac-ri...@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,uma...@openssh.com,hmac-ripemd160,hmac-ri...@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zl...@openssh.com
debug2: kex_parse_kexinit: none,zl...@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 124/256
debug2: bits set: 540/1024
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 124/256
debug2: bits set: 540/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: host storage1.datastorageunit.com filename /home/sean/.ssh/known_hosts
debug3: check_host_in_hostfile: host storage1.datastorageunit.com filename /home/sean/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug3: check_host_in_hostfile: host 173.190.59.43 filename /home/sean/.ssh/known_hosts
debug3: check_host_in_hostfile: host 173.190.59.43 filename /home/sean/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 2
debug3: check_host_in_hostfile: host storage1.datastorageunit.com filename /home/sean/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug3: check_host_in_hostfile: host 173.190.59.43 filename /home/sean/.ssh/known_hosts
debug3: check_host_in_hostfile: host 173.190.59.43 filename /home/sean/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 2
debug1: Found key in /home/sean/.ssh/known_hosts:1
debug2: bits set: 516/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug2: bits set: 516/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/sean/.ssh/id_rsa (0x7fbdbd6b16f0)
debug2: key: /home/sean/.ssh/id_dsa ((nil))
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/sean/.ssh/id_rsa (0x7fbdbd6b16f0)
debug2: key: /home/sean/.ssh/id_dsa ((nil))
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/sean/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug2: input_userauth_pk_ok: fp a2:a6:5e:af:8f:4c:de:39:e5:27:16:08:f7:e9:4b:55
debug3: sign_and_send_pubkey
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Requesting no-more-...@openssh.com
debug1: Entering interactive session.
debug2: callback start
debug2: client_session2_setup: id 0
debug2: channel 0: request pty-req confirm 1
debug1: Sending environment.
debug3: Ignored env SSH_AGENT_PID
debug3: Ignored env KDE_MULTIHEAD
debug3: Ignored env DM_CONTROL
debug3: Ignored env GPG_AGENT_INFO
debug3: Ignored env SHELL
debug3: Ignored env TERM
debug3: Ignored env XDG_SESSION_COOKIE
debug3: Ignored env XDM_MANAGED
debug3: Ignored env GTK2_RC_FILES
debug3: Ignored env KONSOLE_DBUS_SERVICE
debug3: Ignored env GS_LIB
debug3: Ignored env GTK_RC_FILES
debug3: Ignored env WINDOWID
debug3: Ignored env SHELL_SESSION_ID
debug3: Ignored env GTK_MODULES
debug3: Ignored env KDE_FULL_SESSION
debug3: Ignored env USER
debug3: Ignored env LS_COLORS
debug3: Ignored env SSH_AUTH_SOCK
debug3: Ignored env SESSION_MANAGER
debug3: Ignored env DESKTOP_SESSION
debug3: Ignored env PATH
debug3: Ignored env PWD
debug3: Ignored env EDITOR
debug3: Ignored env KDE_SESSION_UID
debug1: Sending env LANG = en_US.UTF-8
debug2: channel 0: request env confirm 0
debug3: Ignored env KONSOLE_DBUS_SESSION
debug3: Ignored env HOME
debug3: Ignored env COLORFGBG
debug3: Ignored env SHLVL
debug3: Ignored env KDE_SESSION_VERSION
debug3: Ignored env LANGUAGE
debug3: Ignored env XCURSOR_THEME
debug3: Ignored env LOGNAME
debug3: Ignored env XDG_DATA_DIRS
debug3: Ignored env DBUS_SESSION_BUS_ADDRESS
debug3: Ignored env LESSOPEN
debug3: Ignored env WINDOWPATH
debug3: Ignored env PROFILEHOME
debug3: Ignored env DISPLAY
debug3: Ignored env QT_PLUGIN_PATH
debug3: Ignored env LESSCLOSE
debug3: Ignored env _
debug3: Ignored env OLDPWD
debug2: channel 0: request shell confirm 1
debug2: fd 3 setting TCP_NODELAY
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel_input_status_confirm: type 99 id 0
debug2: PTY allocation request accepted on channel 0
debug2: channel 0: rcvd adjust 2097152
debug2: channel_input_status_confirm: type 99 id 0
debug2: shell request accepted on channel 0
Linux storage1 2.6.32-27-server #49-Ubuntu SMP Thu Dec 2 02:05:21 UTC 2010 x86_64 GNU/Linux
Ubuntu 10.04.2 LTS
Welcome to the Ubuntu Server!
* Documentation: http://www.ubuntu.com/server/doc
System information as of Fri Mar 4 11:19:15 EST 2011
System load: 0.39 Processes: 178
Usage of /home: 41.2% of 21.45TB Users logged in: 2
Memory usage: 26% IP address for eth0: 172.16.10.51
Swap usage: 0% IP address for eth1: 192.168.0.100
Graph this data and manage this system at https://landscape.canonical.com/
21 packages can be updated.
16 updates are security updates.
Last login: Fri Mar 4 11:15:16 2011 from c-174-51-167-215.hsd1.co.comcast.net
pedorro@storage1:~$
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug2: input_userauth_pk_ok: fp a2:a6:5e:af:8f:4c:de:39:e5:27:16:08:f7:e9:4b:55
debug3: sign_and_send_pubkey
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Requesting no-more-...@openssh.com
debug1: Entering interactive session.
debug2: callback start
debug2: client_session2_setup: id 0
debug2: channel 0: request pty-req confirm 1
debug1: Sending environment.
debug3: Ignored env SSH_AGENT_PID
debug3: Ignored env KDE_MULTIHEAD
debug3: Ignored env DM_CONTROL
debug3: Ignored env GPG_AGENT_INFO
debug3: Ignored env SHELL
debug3: Ignored env TERM
debug3: Ignored env XDG_SESSION_COOKIE
debug3: Ignored env XDM_MANAGED
debug3: Ignored env GTK2_RC_FILES
debug3: Ignored env KONSOLE_DBUS_SERVICE
debug3: Ignored env GS_LIB
debug3: Ignored env GTK_RC_FILES
debug3: Ignored env WINDOWID
debug3: Ignored env SHELL_SESSION_ID
debug3: Ignored env GTK_MODULES
debug3: Ignored env KDE_FULL_SESSION
debug3: Ignored env USER
debug3: Ignored env LS_COLORS
debug3: Ignored env SSH_AUTH_SOCK
debug3: Ignored env SESSION_MANAGER
debug3: Ignored env DESKTOP_SESSION
debug3: Ignored env PATH
debug3: Ignored env PWD
debug3: Ignored env EDITOR
debug3: Ignored env KDE_SESSION_UID
debug1: Sending env LANG = en_US.UTF-8
debug2: channel 0: request env confirm 0
debug3: Ignored env KONSOLE_DBUS_SESSION
debug3: Ignored env HOME
debug3: Ignored env COLORFGBG
debug3: Ignored env SHLVL
debug3: Ignored env KDE_SESSION_VERSION
debug3: Ignored env LANGUAGE
debug3: Ignored env XCURSOR_THEME
debug3: Ignored env LOGNAME
debug3: Ignored env XDG_DATA_DIRS
debug3: Ignored env DBUS_SESSION_BUS_ADDRESS
debug3: Ignored env LESSOPEN
debug3: Ignored env WINDOWPATH
debug3: Ignored env PROFILEHOME
debug3: Ignored env DISPLAY
debug3: Ignored env QT_PLUGIN_PATH
debug3: Ignored env LESSCLOSE
debug3: Ignored env _
debug3: Ignored env OLDPWD
debug2: channel 0: request shell confirm 1
debug2: fd 3 setting TCP_NODELAY
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel_input_status_confirm: type 99 id 0
debug2: PTY allocation request accepted on channel 0
debug2: channel 0: rcvd adjust 2097152
debug2: channel_input_status_confirm: type 99 id 0
debug2: shell request accepted on channel 0
Linux storage1 2.6.32-27-server #49-Ubuntu SMP Thu Dec 2 02:05:21 UTC 2010 x86_64 GNU/Linux
Ubuntu 10.04.2 LTS
Welcome to the Ubuntu Server!
* Documentation: http://www.ubuntu.com/server/doc
System information as of Fri Mar 4 11:19:15 EST 2011
System load: 0.39 Processes: 178
Usage of /home: 41.2% of 21.45TB Users logged in: 2
Memory usage: 26% IP address for eth0: 172.16.10.51
Swap usage: 0% IP address for eth1: 192.168.0.100
Graph this data and manage this system at https://landscape.canonical.com/
21 packages can be updated.
16 updates are security updates.
Last login: Fri Mar 4 11:15:16 2011 from c-174-51-167-215.hsd1.co.comcast.net
pedorro@storage1:~$
Sean Colgan
Mar 4, 2011, 11:59:53 AM3/4/11
to datasto...@googlegroups.com
Just thought of something. At work, our Solaris machines require the private key to have 400 permissions. You might try that.
Sean
Sean
On Fri, 2011-03-04 at 04:12 -0800, Andrew wrote:
Andrew
Mar 4, 2011, 8:44:10 PM3/4/11
to DataStorageUnit
Sean,
That appears to have done it.
Permissions 400 on the local (Nexenta/Open Solaris) machine.
Thank you for thinking of that.
Andrew
That appears to have done it.
Permissions 400 on the local (Nexenta/Open Solaris) machine.
Thank you for thinking of that.
Andrew
Sean Colgan
Mar 4, 2011, 11:08:18 PM3/4/11
to datasto...@googlegroups.com
Glad it worked out! :)
I feel like the car guys on NPR :)
Sean
I feel like the car guys on NPR :)
Sean
Reply all
Reply to author
Forward
0 new messages