[PLUG] ssh passwordless login

Daniel Herrington herda05 at gmail.com
Mon Oct 20 20:45:43 UTC 2014 

All,

I'm stuck with a ssh passwordless login problem. Source machine is a
solaris 10 box behind a firewall and NAT. The remote machine is Mint 13
behind firewall and NAT.

Source:
debug1: using hostkeyalias: XXXXX
debug3: check_host_in_hostfile: filename /u/XXX/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 2
debug3: check_host_in_hostfile: filename /u/XXX/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug1: Host 'XXXXX' is known and matches the RSA host key.
debug1: Found key in /u/XXXXXX/.ssh/known_hosts:2
debug1: bits set: 1034/2048
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug3: kex_reset_dispatch -- should we dispatch_set(KEXINIT) here? 0 && !0
debug1: newkeys: mode 1
debug1: set_newkeys: setting new keys for 'out' mode
debug3: aes-128-ctr NID found
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: set_newkeys: setting new keys for 'in' mode
debug3: aes-128-ctr NID found
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug2: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred
gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying public key: /u/XXXX/.ssh/id_rsa.pub
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
XXXXX at XXXXXXX.com's password:

Remote sshd log:
Oct 20 13:36:56 XXXX sshd[31134]: Connection from ###.###.###.## port 12996
Oct 20 13:36:58 XXXX sshd[31134]: Failed publickey for XXX from
###.###.###.## port 12996 ssh2

This works from an internal Mac to the Mint machine with the same
id_rsa.pub (I copied it over to the Solaris machine by using scp. Directory
permissions:

drwxr-xr-x   2 XX XXX    1024 Oct 20 16:34 .
drwxr-xr-x   5 XX X        1024 Oct 20 14:21 ..
-rw-r--r--   1 XX XXX     392 Oct 20 15:47 authorized_keys
-rw-------   1 XX XXX     392 Oct 20 15:35 authorized_keys.old
-rw-r--r--   1 XX XXX     246 Oct 20 16:35 config
-rw-r--r--   1 XX XXX     392 Oct 20 15:21 id_rsa
-rw-r--r--   1 XX XXX     392 Oct 20 16:34 id_rsa.pub
-rw-r--r--   1 XX XXX     805 Oct 20 15:12 known_hosts

At this point I don't know where to look further. Is there a higher level
of debug on sshd other than VERBOSE?

The fact that it works from the Mac to ubuntu but not from Saolris to
ubuntu, it seems to be something on the solaris machine...

-- 
Daniel B. Herrington

More information about the PLUG mailing list