All geek questions in one place

Ssh connection using RSA key keep password request

I am trying to configure SSH connections without a password for many servers using the RSA key. It works well for most of them, but one of them gives me some problems.

The most common problem that I discovered in the past is problems with permissions on .ssh or authorized_keys on the remote host, but here they look correct, for example:

drwx------  ~/.ssh
-rw-r--r--  ~/.ssh/authorized_keys

Here is the output of the ssh -v command to this server (I just changed the host name and IP address):

Sun_SSH_1.1.3, SSH protocols 1.5/2.0, OpenSSL 0x0090704f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to myhost.mydomain.com [123.123.123.123] port 22.
debug1: Connection established.
debug1: identity file /export/home/webdev1/.ssh/identity type -1
debug1: identity file /export/home/webdev1/.ssh/id_rsa type 1
debug1: identity file /export/home/webdev1/.ssh/id_dsa type -1
debug1: Remote protocol version 1.5, remote software version 1.2.31
debug1: match: 1.2.31 pat 1.2.1*,1.2.2*,1.2.3*
debug1: Local version string SSH-1.5-Sun_SSH_1.1.3
debug1: Waiting for server public key.
debug1: Received server public key (768 bits) and host key (1024 bits).
debug1: Host 'myhost.mydomain.com' is known and matches the RSA1 host key.
debug1: Found key in /export/home/webdev1/.ssh/known_hosts:6
debug1: Encryption type: 3des
debug1: Sent encrypted session key.
debug1: cipher_init: set keylen (16 -> 32)
debug1: cipher_init: set keylen (16 -> 32)
debug1: Installing crc compensation attack detector.
debug1: Received encrypted confirmation.
debug1: Doing password authentication.

I suspect this may be due to the SSH version. Another server that works gives me the following output (remote protocol version 2.0 instead of 1.5):

debug1: Remote protocol version 2.0, remote software version Sun_SSH_1.1.3
debug1: match: Sun_SSH_1.1.3 pat Sun_SSH_1.1.*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-Sun_SSH_1.1.3

Any clue? Thank you for your help.

+3
source share
5

, . Sun_SSH, OpenSSH ( SSH Linux/* BSD) /etc/ssh/sshd_config ( RSAAuthentication v1, PubkeyAuthentication v2).

+1
chmod 744 ~/.ssh/authorized_keys

.

+3

, (/export/home/webdev1) 700.

+2

chmod -R 600 ~/.ssh/

, / .

+1

Your user may have been blocked in a unix window. If you usually log in to your account, then be a functional user, if this user has “password login” functions, but you do not use it, it may be blocked (for example, the password has expired). Howerver, even if it is a medallion, it will not stop you with sudo using the "be" command, but it will definitely prevent any ssh input, even if the keys are trusted.

+1
source

Source: https://habr.com/ru/post/1762370/

More articles:


All Articles