Results 1 to 2 of 2
Hello, I've been searching for a while in forums about the issue I'm facing but couldn't find anything clear, or at least my net search skills are pretty lame. I'm ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 09-30-2010 #1
- Join Date
- Sep 2010
[SOLVED] SSH chaining (tunnelling) problem with public keys
I've been searching for a while in forums about the issue I'm facing but couldn't find anything clear, or at least my net search skills are pretty lame.
I'm facing a problem with prompted user password in a SSH chain connection when using authorized_keys.
(1) Client - (2) Server - (3) Testing machine (testing machine is connect to Server via usb network)
I've created keys for Client and Server, and updated authorized_keys in host machines with the key values:
Testing machine has Server public key, and Server has Client public key.
Until now everything is fine, if I try to connect via ssh the user password prompt is not shown since public key is found in authorized_keys.
ssh serverfrom Server:Code:
But if try to do that from Client only:
client:$ ssh serverfrom Client:Code:
server:$ ssh testing_machine
Bellow the verbose output from previous ssh command:
ssh -v root(at)192.168.100.2 OpenSSH_5.3p1 Debian-3ubuntu4, OpenSSL 0.9.8k 25 Mar 2009 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to 192.168.100.2 [192.168.100.2] port 22. debug1: Connection established. debug1: identity file /home/hudson/.ssh/identity type -1 debug1: identity file /home/hudson/.ssh/id_rsa type -1 debug1: identity file /home/hudson/.ssh/id_dsa type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3 debug1: match: OpenSSH_5.3 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu4 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host '192.168.100.2' is known and matches the RSA host key. debug1: Found key in /home/hudson/.ssh/known_hosts:1 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,password debug1: Next authentication method: publickey debug1: Trying private key: /home/hudson/.ssh/identity debug1: Trying private key: /home/hudson/.ssh/id_rsa debug1: Trying private key: /home/hudson/.ssh/id_dsa debug1: Next authentication method: password root(at)192.168.100.2's password:
I feel like I'm missing something pretty basic, but could not find solution for this in the last couple of days...
Anyone ever faced the same issue ?
Last edited by lmendes1979; 09-30-2010 at 01:59 PM. Reason: Solved
- 09-30-2010 #2
- Join Date
- Sep 2010
From verbose output it seems it was looking for id_dsa key, I had renamed it to something else to be more human 'readable', tried to rename it back but same problem persisted.
Tried a clean start.
- Deleted all authorized_keys
- Deleted all known_hosts
- Deleted all public/private keys
- Created again all keys "ssh-keygen -t dsa" and left default name
- Copied public keys to right locations "ssh-copy-id"
And now it works!
Guess I've messed up trying to rename private/public keys or something