Originally Posted by
CharlesA
You only need the private and public keys on the client side. They can sit in ~/.ssh and the public key should not be in ~/.ssh/authorized_keys
Everything else is correct. I've used ssh-copy-id user@host if I need to add the keys to a server, but if I'm doing an install, I'll just copy the public key over and add it to authorized_keys.
CharlesA, 1clue, Lars,
Thank you for your help. I think I am half way there.
- I removed the authorized_keys file from the source client system
- Both public and private keys are in the ~/.ssh folder in the source client system
- I replaced the server ~/.ssh/authorized_keys with the Public key by coping the public key to the server, removing the existing authorized_keys file, and coping the public key to authorized_keys
- If I change the authorized_keys files "644" to "600" I can not connect. I have to keep permissions at "644"
- it takes about 30 seconds to connect, but is very quick after connected
Issues: Now I can connect via a command line, but I can not RDP into the server using Remmina I get the following errors
- IF I select "SSH Authentication: Public Key (Automatic)" i receive the following error: SSH automatic public key authentication failed: No public key matched
Code:
[SSH] libssh 0.5.2 (c) 2003-2010 Aris Adamantiadis (aris@0xbadc0de.be) Distributed under the LGPL, please refer to COPYING file for information about your rights, using threading threads_noop
[SSH] Socket connection callback: 1 (0)
[SSH] SSH server banner: SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.1
[SSH] Analyzing banner: SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.1
[SSH] We are talking to an OpenSSH client version: 5.9 (50900)
[SSH] Error : Access denied. Authentication that can continue: publickey
[SSH] Trying to authenticate with SSH agent keys as user: xxxUserName
[SSH] Trying identity xxxUserName@client
[SSH] Error : Access denied. Authentication that can continue: publickey
[SSH] Error : No public key matched
- IF I select "SSH Authentication: Identify File > PrivateKey", I am prompted for the key password, and I receive the following error: SSH public key authentication failed: Access denied. Authentication that can continue: publickey
Code:
[SSH] libssh 0.5.2 (c) 2003-2010 Aris Adamantiadis (aris@0xbadc0de.be) Distributed under the LGPL, please refer to COPYING file for information about your rights, using threading threads_noop
[SSH] Socket connection callback: 1 (0)
[SSH] SSH server banner: SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.1
[SSH] Analyzing banner: SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.1
[SSH] We are talking to an OpenSSH client version: 5.9 (50900)
[SSH] Trying to open /home/xxxUserName/.ssh/clientRSAKey_id3
[SSH] Trying to read /home/xxxUserName/.ssh/clientRSAKey_id3, passphase=true, authcb=false
[SSH] Error : Parsing private key /home/xxxUserName/.ssh/clientRSAKey_id3: error:0906A068:lib(9):func(106):reason(104)
[SSH] Trying to open /home/xxxUserName/.ssh/clientRSAKey_id3
[SSH] Trying to read /home/xxxUserName/.ssh/clientRSAKey_id3, passphase=true, authcb=false
[SSH] Error : Access denied. Authentication that can continue: publickey
- IF I select "SSH Authentication: Identify File > PublicKey", SSH public key authentication failed: Public key file doesn't exist
Code:
[SSH] libssh 0.5.2 (c) 2003-2010 Aris Adamantiadis (aris@0xbadc0de.be) Distributed under the LGPL, please refer to COPYING file for information about your rights, using threading threads_noop
[SSH] Socket connection callback: 1 (0)
[SSH] SSH server banner: SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.1
[SSH] Analyzing banner: SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.1
[SSH] We are talking to an OpenSSH client version: 5.9 (50900)
[SSH] Error : Public key file doesn't exist
Is there something wrong with my keys? Is there a configuration that I am missing.
Server Files
Code:
xxxUserName@server:~$ ls -l ~/.ssh/
total 12
-rw-r--r-- 1 root root 399 Jan 27 16:25 authorized_keys
-rw------- 1 root root 399 Jan 24 15:49 authorized_keys_Backup
-rw-r--r-- 1 root root 399 Jan 24 15:48 clientRSAKey_id3.pub
Client Files
Code:
xxxUserName@client:~/.ssh$ ls -l
total 12
-rw-r--r-- 1 xxxUserName xxxUserName 619 Jan 24 16:37 known_hosts
-rw------- 1 xxxUserName xxxUserName 1766 Jan 24 15:42 clientRSAKey_id3
-rw-r--r-- 1 xxxUserName xxxUserName 399 Jan 24 15:42 clientRSAKey_id3.pub
xxxUserName@client:~/.ssh$ ssh -v xxxUserName@192.168.123.106
OpenSSH_6.2p2 Ubuntu-6ubuntu0.1, OpenSSL 1.0.1e 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to 192.168.123.106 [192.168.123.106] port 22.
debug1: Connection established.
debug1: identity file /home/xxxUserName/.ssh/id_rsa type -1
debug1: identity file /home/xxxUserName/.ssh/id_rsa-cert type -1
debug1: identity file /home/xxxUserName/.ssh/id_dsa type -1
debug1: identity file /home/xxxUserName/.ssh/id_dsa-cert type -1
debug1: identity file /home/xxxUserName/.ssh/id_ecdsa type -1
debug1: identity file /home/xxxUserName/.ssh/id_ecdsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2p2 Ubuntu-6ubuntu0.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-5ubuntu1.1
debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1.1 pat OpenSSH_5*
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA ea:bf:60:43:09:b4:49:a5:a3:fd:b3:f4:06:eb:67:f4
debug1: Host '192.168.x.x' is known and matches the ECDSA host key.
debug1: Found key in /home/xxxUserName/.ssh/known_hosts:1
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: xxxUserName@client
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: Authentication succeeded (publickey).
Authenticated to 192.168.123.106 ([192.168.123.106]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
Welcome to Ubuntu 12.04.3 LTS (GNU/Linux 3.2.0-53-generic x86_64)
* Documentation: https://help.ubuntu.com/
Last login: Mon Jan 27 17:17:19 2014 from client.local
Thank you
Bookmarks