OpenSSH login Problem

[bilal_jan]

hello everyone
i have installled OpenSSH Client and server on my two PCs both running Ubuntu 8.10... One problem wh i am facing and i wasnt able to correct that error is that whenever i wanna logon to my server (running OenSSH server) from my client machine(running OpenSSH client)...
i was prompted for passowrd thress times(first time i enered password it was rejected so is passowrd entered second and third time) and at last i was given that error

Code:

permission denied : (Public key, Password)

i am entering pasword of my local machine but it was rejected ... i dont know wh other password to enter in order to get connected.
thanks for ur consideration

[dijetlo]

It sounds like your client and server haven't done a key exchange. Take a look at the config file for the client and server and see if they both support public/private keys and if they are using the same crypto scheme.

[D-cat]

Is your user name the same between server and client machines? If not, invoke by
ssh username@server

Also, if you're trying to log in as root, this is often disabled by default.

[bilal_jan]

thanks dijetlo and D-cat for ur replies
dijetlo i think u r right i havent done any such thing ... can u please tell me how can cinfigure key exchange

[dijetlo]

You'd tried what Dcat suggested? I'd make sure I'm not making either of those mistakes before I changed a config file....

etc/ssh/ssh_config is the client config and /etc/ssh/sshd_config is the server config file.

Back up both files before you start because a wise boy scout can always find his way home.,,.
Open them in an editor and make sure you have the same value for for this pair

RhostsRSAAuthentication yes

If it's set to "no" in both files, there shouldn't be an attempt to exchange a key (unless you request a key exchange on the cli at invocation) and our login problem will go away (hopefully go away).
If you want it set to yes, read the man pages ssh_config, sshd_config and ssh_keygen and create your pairs, make sure you read and use "ssh_keygen" otherwise the client is going to bomb out at the key exchange again and you'll be back to square one.
Be realistic about your security requirements . If you have nothing but mp3 files and a pictorial homage to Selma Hayek on your hard drive, you can take the risk and pass on the key swaps.

[bilal_jan]

ok
i have two machines both running ubuntu 8.10 and on one machine i have installed openssh-server and on other i have installed openssh-client

host name and ip address of openssh-server machine is welcome-laptop and 19.168.1.2

host name and ip address of openssh-client machine is me-desktop and 19.168.1.1

when i issue following command

sudo ssh me-desktop@192.1681.2

i am gettin following output

WARNING:REMOTE HOST ID HAS CHANGED
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NAST
It is also possible that RSA host key has just been changed.
The fingerprint for RSA key sent by remote host is
10:db:b9:df:ca:98:4e:68:7a:d5:d0:0b:76:06:5f:a2
Please Contact your system administrator
ADD correct key in /root/.ssh/known_hosts to get rid of this message
Offending key in /root/.ssh/known_hosts:3
RSA host key for 192.168.1.2 has changed and u have requested strict checking

i have set

RhostsRSAAuthentication no

on both machines

[bilal_jan]

ding...!!!

[bilal_jan]

seems nobody ready to tell me the solution

[dijetlo]

Code:

WARNING:REMOTE HOST ID HAS CHANGED
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NAST
It is also possible that RSA host key has just been changed.

We know that's in fact what you did.

The fingerprint for RSA key sent by remote host is
xxxxx:

Don't post the keys on the internet, defeats the purpose of having them.

Please Contact your system administrator

that guy quit.

ADD correct key in /root/.ssh/known_hosts to get rid of this message
Offending key in /root/.ssh/known_hosts:3

That's what you need to do. Look at line 3

RSA host key for 192.168.1.2 has changed and u have requested strict checking

That' why it's bothering you about it.

[Ziplock]

You should be able to check logs in /var/log/secure.log or /var/log/messages for signs of the problem. I have set up many ssh servers, and the problem almost always shows itself in more details there.

Post any error messages (minus names, IP addresses etc) if you need a hand.