| View previous topic :: View next topic |
| Author |
Message |
evoweiss
Veteran
Joined: 07 Sep 2003
Posts: 1678
Location: Edinburgh, UK
|
 Posted: Fri Nov 04, 2011 9:44 pm Post subject: ssh: "Permission denied (publickey,password) [solved] |
 |
|
Hi all,
I am experiencing a bit of frustration in trying to work out why I am unable to ssh into my system. I use password authentication and it worked fine for many years before now. I just switched to a new ISP, but they're very reasonable and do not have any weird policies forbidding one from doing stuff like that. I suspect something has gone awry in one of my config files.
Anyway, what happens it that, when I ssh into my system under my username (I do have a shell for that user) and type in the user password I get the following:
| Code: |
x@x.x.com's password:
Permission denied, please try again.
x@x.x.com's password:
Permission denied, please try again.
x@x.x.com's password:
Permission denied (publickey,password).
|
My /etc/ssh/sshd_config file is exactly the same as my work computer into which I can ssh.
Any help would be hugely appreciated!
Best,
Alex
Last edited by evoweiss on Sat Nov 05, 2011 1:48 pm; edited 1 time in total |
|
| Back to top |
|
 |
truc
Advocate
Joined: 25 Jul 2005
Posts: 3199
|
| Posted: Fri Nov 04, 2011 10:29 pm Post subject: |
|
|
Can you ssh to x@x.x.com from an another place? If so, then that's a really weird, otherwise, triple-check the username and of course the password!
_________________
The End of the Internet! |
|
| Back to top |
|
|
evoweiss
Veteran
Joined: 07 Sep 2003
Posts: 1678
Location: Edinburgh, UK
|
| Posted: Fri Nov 04, 2011 10:37 pm Post subject: |
|
|
| truc wrote: | | Can you ssh to x@x.x.com from an another place? If so, then that's a really weird, otherwise, triple-check the username and of course the password! |
Nope, I tried sshing into x.x.com from two different machines (I ssh'd into them and then tried to ssh into x.x.com). I also tried to ssh into x.x.com from x.x.com. Nothing worked.
The password is the same one I use day in and day out. I have tried dozens of times already and have had zero luck.
I'll post the verbose ssh results.
| Code: |
OpenSSH_5.3p1 Debian-3ubuntu7, OpenSSL 0.9.8k 25 Mar 2009
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to x.x.com [1.2.3.4] port 22.
debug1: Connection established.
debug1: identity file /home/me/.ssh/identity type -1
debug3: Not a RSA1 key file /home/me/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'Proc-Type:'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'DEK-Info:'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/me/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-4096
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-4096
debug1: identity file /home/me/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version dropbear_0.46
debug1: no match: dropbear_0.46
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu7
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug3: Wrote 792 bytes for a total of 831
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa
debug2: kex_parse_kexinit: 3des-cbc
debug2: kex_parse_kexinit: 3des-cbc
debug2: kex_parse_kexinit: hmac-sha1,hmac-md5
debug2: kex_parse_kexinit: hmac-sha1,hmac-md5
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-md5
debug1: kex: server->client 3des-cbc hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: client->server 3des-cbc hmac-md5 none
debug2: dh_gen_key: priv key bits set: 205/384
debug2: bits set: 523/1024
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
debug3: Wrote 144 bytes for a total of 975
debug3: check_host_in_hostfile: filename /home/me/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug3: check_host_in_hostfile: filename /home/me/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 2
debug1: Host 'x.x.com' is known and matches the RSA host key.
debug1: Found key in /home/me/.ssh/known_hosts:1
debug2: bits set: 532/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: Wrote 16 bytes for a total of 991
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug3: Wrote 48 bytes for a total of 1039
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/me/.ssh/identity ((nil))
debug2: key: /home/me/.ssh/id_rsa (0x7fefdacdca50)
debug2: key: /home/me/.ssh/id_dsa ((nil))
debug3: Wrote 64 bytes for a total of 1103
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-keyex,gssapi-with-mic,gssapi,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/me/.ssh/identity
debug3: no such identity: /home/me/.ssh/identity
debug1: Offering public key: /home/me/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug3: Wrote 616 bytes for a total of 1719
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/me/.ssh/id_dsa
debug3: no such identity: /home/me/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
me@x.x.com's password:
debug3: packet_send2: adding 64 (len 58 padlen 6 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug3: Wrote 144 bytes for a total of 1863
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
me@x.x.com's password:
debug3: packet_send2: adding 64 (len 58 padlen 6 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug3: Wrote 144 bytes for a total of 2007
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
me@x.x.com's password:
debug3: packet_send2: adding 64 (len 58 padlen 6 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug3: Wrote 144 bytes for a total of 2151
debug1: Authentications that can continue: publickey,password
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey,password).
|
|
|
| Back to top |
|
|
evoweiss
Veteran
Joined: 07 Sep 2003
Posts: 1678
Location: Edinburgh, UK
|
| Posted: Fri Nov 04, 2011 10:39 pm Post subject: |
|
|
| truc wrote: | | Can you ssh to x@x.x.com from an another place? If so, then that's a really weird, otherwise, triple-check the username and of course the password! |
I think I replied too quickly without reading correctly. I have been trying to ssh into the system from another place all along. See my other message for more details.
Sorry, it's been a rough week.
Best,
Alex |
|
| Back to top |
|
|
evoweiss
Veteran
Joined: 07 Sep 2003
Posts: 1678
Location: Edinburgh, UK
|
| Posted: Fri Nov 04, 2011 10:57 pm Post subject: |
|
|
Hi,
I'm not sure if this is relevant information or not, but the only thing my sshd/current log shows is:
| Code: |
Nov 04 22:54:16 [sshd] Server listening on 0.0.0.0 port 22.
|
In other words, it's as if ssh never received the password if that makes sense.
Best,
Alex |
|
| Back to top |
|
|
krinn
Watchman
Joined: 02 May 2003
Posts: 7470
|
| Posted: Sat Nov 05, 2011 12:55 am Post subject: |
|
|
 because it happen to me one day...
Are you sure you are connecting to the right host ? Hmmm, that you try to connect to someone's computer that also own sshd running but you keep getting kick because it's just not your.
Your sshd log should show your logging attempts and not just that the server is listening, and as you said you switch isp, you might have still old dns refering to your old IP.... |
|
| Back to top |
|
|
evoweiss
Veteran
Joined: 07 Sep 2003
Posts: 1678
Location: Edinburgh, UK
|
| Posted: Sat Nov 05, 2011 6:58 am Post subject: |
|
|
| krinn wrote: | because it happen to me one day...
Are you sure you are connecting to the right host ? Hmmm, that you try to connect to someone's computer that also own sshd running but you keep getting kick because it's just not your.
Your sshd log should show your logging attempts and not just that the server is listening, and as you said you switch isp, you might have still old dns refering to your old IP.... |
Ah, nice insight. It was connecting to my IP address (I looked it up), but it was going into my router and not to my computer (you can telnet into my router). I have a new router and must have forgotten to set something up.
Best
Alex |
|
| Back to top |
|
|
krinn
Watchman
Joined: 02 May 2003
Posts: 7470
|
| Posted: Sat Nov 05, 2011 10:23 am Post subject: |
|
|
Please mark it solve so others users could filter easy a solve exist.
LOL, now think your IP is now log into that guy sshd log and seen all your attempts, he will think about yourself : "damn hackers scripts kids rats!" |
|
| Back to top |
|
|
evoweiss
Veteran
Joined: 07 Sep 2003
Posts: 1678
Location: Edinburgh, UK
|
| Posted: Sat Nov 05, 2011 1:48 pm Post subject: |
|
|
| krinn wrote: | Please mark it solve so others users could filter easy a solve exist.
LOL, now think your IP is now log into that guy sshd log and seen all your attempts, he will think about yourself : "damn hackers scripts kids rats!" |
Actually, it's my router that I was trying to get into, so my ISP won't see it so far as I can tell. Still funny.
Anyway, after a bit of configuration-foo with the modem/router, it seems to be working. Thanks for helping me see what should have been obvious.
Best,
Alex |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
