[linux] Re: ssh public key werkt maar een kant op

Fred Mobach fred op mobach.nl
Do Nov 19 10:18:04 CET 2009 

On Wednesday 18 November 2009 21:32:28 paai wrote:
> Hugo van der Kooij wrote:
> > On 18/11/09 18:37, paai wrote:
> >> de output van stderr als attachment, omdat cut&paste niet lukt.
> >> Daarna via stdin de vraag om het password.
> >
> > Helaas attachments ook niet op een mailinglist.
>
> Aaargh! Via een omweg dan:
>
>
> OpenSSH_5.1p1 Debian-6ubuntu2, OpenSSL 0.9.8g 19 Oct 2007
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: Applying options for *
> debug1: Connecting to breslau [82.171.192.133] port 22.
> debug1: Connection established.
> debug1: identity file /home/paai/.ssh/identity type -1
> debug1: identity file /home/paai/.ssh/id_rsa type 1
> debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
> debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
> debug1: identity file /home/paai/.ssh/id_dsa type -1
> debug1: Remote protocol version 2.0, remote software version
> OpenSSH_5.1p1 Debian-6ubuntu2
> debug1: match: OpenSSH_5.1p1 Debian-6ubuntu2 pat OpenSSH*
> debug1: Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_5.1p1 Debian-6ubuntu2
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug1: kex: server->client aes128-cbc hmac-md5 none
> debug1: kex: client->server aes128-cbc hmac-md5 none
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
> debug1: Host 'breslau' is known and matches the RSA host key.
> debug1: Found key in /home/paai/.ssh/known_hosts:1
> debug1: ssh_rsa_verify: signature correct
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: expecting SSH2_MSG_NEWKEYS
> debug1: SSH2_MSG_NEWKEYS received
> debug1: SSH2_MSG_SERVICE_REQUEST sent
> debug1: SSH2_MSG_SERVICE_ACCEPT received
> debug1: Authentications that can continue: publickey,password

Hier komt het interessante stukje :
> debug1: Next authentication method: publickey
> debug1: Offering public key: /home/paai/.ssh/id_rsa
> debug1: Authentications that can continue: publickey,password
Ik had op de regel hierboven iets verwacht als 
debug1: Server accepts key: pkalg ssh-dss blen 817
debug1: read PEM private key done: type DSA
(RSA i.p.v. DSA kan natuurlijk ook).
> debug1: Trying private key: /home/paai/.ssh/identity
> debug1: Trying private key: /home/paai/.ssh/id_dsa

Ik betwijfel of de inhoud van /home/paai/.ssh/id_rsa.pub op de client 
ook in de ~/.ssh/authorized_keys staat. Kun je dat controleren ?

Volgende vraag : heb jij de RSA key pairs gegenereerd op de machnies 
zelf of ze ernaartoe gebracht via bijv. scp ?
-- 
Fred Mobach - fred op mobach.nl - postmaster op mobach.nl
website : https://fred.mobach.nl
 .... In God we trust ....
 .. The rest we monitor ..

More information about the Linux mailing list