| View previous topic :: View next topic |
| Author |
Message |
Wedge_
Advocate
Joined: 08 Aug 2002
Posts: 3614
Location: Scotland
|
 Posted: Tue Sep 07, 2004 10:42 am Post subject: Problem with SSH public key authentication |
 |
|
I've been trying to setup SSH to use public key authentication on my home network (2 desktops + laptop), along with ssh-agent / ssh-add, so that I don't have to type in passwords all the time. Most of what I did came from here.
The problem is that I can't login to one of the desktops from either of the other two machines, but every other combination works. ie
Desktop 1 ---> Desktop 2 - FAILS
Desktop 1 ---> Laptop - OK
Laptop ---> Desktop 1 - OK
Laptop ---> Desktop 2 - FAILS
Desktop 2 ---> Desktop 1 - OK
Desktop 2 ---> Laptop - OK
It appears to be a problem with Desktop 2, but I can't see any differences in my SSH configuration between the three systems. The login attempts don't actually fail as such, they just appear to hang and eventually timeout. If I use "ssh -vvv", the final debug message is "sent public key packet, waiting for reply", or something similar. I've tried running sshd with "-ddd" on the affected system, but I'm not at all familiar with the output it gives so I have no idea where it's going wrong.
Does anyone have any suggestions? I can post the debug output from the SSH client and daemon if it would help.
_________________
Per Ardua Ad Astra
The Earth is the cradle of the mind, but we cannot live forever in a cradle - Konstantin E. Tsiolkovsky
Gentoo Radeon FAQ |
|
| Back to top |
|
 |
n3mo
l33t
Joined: 28 Mar 2004
Posts: 657
Location: In a Cruel World
|
| Posted: Tue Sep 07, 2004 10:51 am Post subject: |
|
|
| From what you wrote seems that Desktop2 dosn't accept incoming connections, look at your firewall rules, verify that the ssh daemon is started, you could use netstat (on desktop2) and nmap (from the others pc) to verify that. |
|
| Back to top |
|
|
noathustra
Tux's lil' helper
Joined: 08 Sep 2003
Posts: 129
Location: NYC
|
| Posted: Tue Sep 07, 2004 10:51 am Post subject: |
|
|
| Can you login to the problem desktop using password authentication? If so, you might try diff'ing the sshd_config file against one from either the working desktop or the laptop. |
|
| Back to top |
|
|
fls
Tux's lil' helper
Joined: 18 Apr 2003
Posts: 111
Location: Germany
|
| Posted: Tue Sep 07, 2004 11:42 am Post subject: |
|
|
It might be that you have tcp wrappers intalled on Desktop2 and didn´t set up /etc/hosts.allow properly.
If thats the case, you can look here for the solution.
It´s just a wild guess, though  |
|
| Back to top |
|
|
Wedge_
Advocate
Joined: 08 Aug 2002
Posts: 3614
Location: Scotland
|
| Posted: Tue Sep 07, 2004 12:23 pm Post subject: |
|
|
Thanks for the suggestions, but I eventually tracked it down to a permissions problem. The permissions on my home directory on Desktop2 were "rwxrwxr-x", and since other users could potentially write to the directory with those perms, it wasn't accepting the key stored in ~/.ssh as secure. Once I removed group write permission it started working straight away.
_________________
Per Ardua Ad Astra
The Earth is the cradle of the mind, but we cannot live forever in a cradle - Konstantin E. Tsiolkovsky
Gentoo Radeon FAQ |
|
| Back to top |
|
|
|
Networking & Security
