https://community.hpe.com/t5/operating-system-hp-ux/ssh-pubkeyauthentication-problem/m-p/4638560#M379191 Hi All,<BR /><BR />I have encountered a strange problem only with the non-root user to do the pubkey authentication.My machine is 11.23 PA machine.<BR /><BR />file /opt/ssh/sbin/sshd<BR />/opt/ssh/sbin/sshd: ELF-64 executable object file - PA-RISC 2.0 (LP64)<BR /><BR />the sshd is 64 bit,and here is the debug message from the ssh client:<BR />$ hostname<BR />sshpa4<BR /><BR />$ ssh sshpa4 -vvv<BR />........<BR />debug1: Authentications that can continue: publickey,password,keyboard-interactive<BR />debug3: start over, passed a different list publickey,password,keyboard-interactive<BR />debug3: preferred publickey,keyboard-interactive,password<BR />debug3: authmethod_lookup publickey<BR />debug3: remaining preferred: keyboard-interactive,password<BR />debug3: authmethod_is_enabled publickey<BR />debug1: Next authentication method: publickey<BR />debug1: Trying private key: /home/yangk/.ssh/identity<BR />debug3: no such identity: /home/yangk/.ssh/identity<BR />debug1: Offering public key: /home/yangk/.ssh/id_rsa<BR />debug3: send_pubkey_test<BR />debug2: we sent a publickey packet, wait for reply<BR />debug1: Server accepts key: pkalg ssh-rsa blen 277<BR />debug2: input_userauth_pk_ok: fp ac:7a:a0:2a:7c:8b:a2:a3:5e:9d:f3:91:0f:ba:a6:17<BR />debug3: sign_and_send_pubkey<BR />debug1: read PEM private key done: type RSA<BR />debug1: Authentication succeeded (publickey).<BR />debug1: Final hpn_buffer_size = 131072<BR />debug1: HPN Disabled: 1, HPN Buffer Size: 131072<BR />debug1: channel 0: new [client-session]<BR />debug3: ssh_session2_open: channel_new: 0<BR />debug2: channel 0: send open<BR />debug1: Requesting no-more-sessions@openssh.com<BR />debug1: Entering interactive session.<BR />debug1: channel 0: free: client-session, nchannels 1<BR />debug3: channel 0: status: The following connections are open:<BR /> #0 client-session (t3 r-1 i0/0 o0/0 fd 6/7 cfd -1)<BR /><BR />debug3: channel 0: close_fds r 6 w 7 e 8 c -1<BR />Connection to sshpa4 closed by remote host.<BR />Connection to sshpa4 closed.<BR />Transferred: sent 2128, received 2072 bytes, in 0.0 seconds<BR />Bytes per second: sent 70717.0, received 68856.1<BR />debug1: Exit status -1<BR /><BR />the publickey authentication is succeeded, but it is closed by the server.<BR /><BR /><BR />But if I switch the 64 sshd to the 32 sshd, then it can work, that is so strange.<BR />Here is the details:<BR /><BR />root@sshpa4# file /opt/ssh/sbin/sshd<BR />/opt/ssh/sbin/sshd: PA-RISC2.0 shared executable dynamically linked<BR /><BR />$ ssh localhost -vvv<BR />...............<BR />debug3: authmethod_lookup publickey<BR />debug3: remaining preferred: keyboard-interactive,password<BR />debug3: authmethod_is_enabled publickey<BR />debug1: Next authentication method: publickey<BR />debug1: Trying private key: /home/yangk/.ssh/identity<BR />debug3: no such identity: /home/yangk/.ssh/identity<BR />debug1: Offering public key: /home/yangk/.ssh/id_rsa<BR />debug3: send_pubkey_test<BR />debug2: we sent a publickey packet, wait for reply<BR />debug1: Server accepts key: pkalg ssh-rsa blen 277<BR />debug2: input_userauth_pk_ok: fp ac:7a:a0:2a:7c:8b:a2:a3:5e:9d:f3:91:0f:ba:a6:17<BR />debug3: sign_and_send_pubkey<BR />debug1: read PEM private key done: type RSA<BR />debug1: Authentication succeeded (publickey).<BR />debug1: Final hpn_buffer_size = 131072<BR />debug1: HPN Disabled: 1, HPN Buffer Size: 131072<BR />debug1: channel 0: new [client-session]<BR />debug3: ssh_session2_open: channel_new: 0<BR />debug2: channel 0: send open<BR />debug1: Requesting no-more-sessions@openssh.com<BR />debug1: Entering interactive session.<BR />debug2: callback start<BR />debug2: client_session2_setup: id 0<BR />debug2: channel 0: request pty-req confirm 1<BR />debug2: channel 0: request shell confirm 1<BR />debug2: fd 5 setting TCP_NODELAY<BR />debug2: callback done<BR />debug2: channel 0: open confirm rwindow 0 rmax 32768<BR />debug2: channel_input_status_confirm: type 99 id 0<BR />debug2: PTY allocation request accepted on channel 0<BR />debug2: channel 0: rcvd adjust 65536<BR />debug2: channel_input_status_confirm: type 99 id 0<BR />debug2: shell request accepted on channel 0<BR />Last successful login: Thu May 27 18:16:40 EAT 2010 localhost<BR />Last login: Thu May 27 18:07:43 2010 from sshpa5.chn.hp.com<BR />(c)Copyright 1983-2003 Hewlett-Packard Development Company, L.P.<BR />(c)Copyright 1979, 1980, 1983, 1985-1993 The Regents of the Univ. of California<BR />(c)Copyright 1980, 1984, 1986 Novell, Inc.<BR />(c)Copyright 1986-2000 Sun Microsystems, Inc.<BR />(c)Copyright 1985, 1986, 1988 Massachusetts Institute of Technology<BR />(c)Copyright 1989-1993 The Open Software Foundation, Inc.<BR />(c)Copyright 1990 Motorola, Inc.<BR />(c)Copyright 1990, 1991, 1992 Cornell University<BR />(c)Copyright 1989-1991 The University of Maryland<BR />(c)Copyright 1988 Carnegie Mellon University<BR />(c)Copyright 1991-2003 Mentat Inc.<BR />(c)Copyright 1996 Morning Star Technologies, Inc.<BR />(c)Copyright 1996 Progressive Systems, Inc.<BR /><BR /><BR /> RESTRICTED RIGHTS LEGEND<BR />Use, duplication, or disclosure by the U.S. Government is subject to<BR />restrictions as set forth in sub-paragraph (c)(1)(ii) of the Rights in<BR />Technical Data and Computer Software clause in DFARS 252.227-7013.<BR /><BR /><BR /> Hewlett-Packard Company<BR /> 3000 Hanover Street<BR /> Palo Alto, CA 94304 U.S.A.<BR /><BR />Rights for non-DOD U.S. Government Departments and Agencies are as set<BR />forth in FAR 52.227-19(c)(1,2).<BR />$ uname -a<BR />HP-UX sshpa4 B.11.23 U 9000/800 3267743753 unlimited-user license<BR /><BR />As you see,i can log into the localhost with publickey authentication.<BR /><BR />So why the 64 bit sshd do not let the ssh login with publickey authentication ,but 32 bit sshd can allow?<BR /><BR />This problem has so strange to me.<BR />Could somebody give me help about this?<BR />Thanks in advance!<BR /><BR />Kevin<BR /> Thu, 27 May 2010 09:24:12 GMT yangk 2010-05-27T09:24:12Z https://community.hpe.com/t5/operating-system-hp-ux/ssh-pubkeyauthentication-problem/m-p/4638560#M379191 Hi All,<BR /><BR />I have encountered a strange problem only with the non-root user to do the pubkey authentication.My machine is 11.23 PA machine.<BR /><BR />file /opt/ssh/sbin/sshd<BR />/opt/ssh/sbin/sshd: ELF-64 executable object file - PA-RISC 2.0 (LP64)<BR /><BR />the sshd is 64 bit,and here is the debug message from the ssh client:<BR />$ hostname<BR />sshpa4<BR /><BR />$ ssh sshpa4 -vvv<BR />........<BR />debug1: Authentications that can continue: publickey,password,keyboard-interactive<BR />debug3: start over, passed a different list publickey,password,keyboard-interactive<BR />debug3: preferred publickey,keyboard-interactive,password<BR />debug3: authmethod_lookup publickey<BR />debug3: remaining preferred: keyboard-interactive,password<BR />debug3: authmethod_is_enabled publickey<BR />debug1: Next authentication method: publickey<BR />debug1: Trying private key: /home/yangk/.ssh/identity<BR />debug3: no such identity: /home/yangk/.ssh/identity<BR />debug1: Offering public key: /home/yangk/.ssh/id_rsa<BR />debug3: send_pubkey_test<BR />debug2: we sent a publickey packet, wait for reply<BR />debug1: Server accepts key: pkalg ssh-rsa blen 277<BR />debug2: input_userauth_pk_ok: fp ac:7a:a0:2a:7c:8b:a2:a3:5e:9d:f3:91:0f:ba:a6:17<BR />debug3: sign_and_send_pubkey<BR />debug1: read PEM private key done: type RSA<BR />debug1: Authentication succeeded (publickey).<BR />debug1: Final hpn_buffer_size = 131072<BR />debug1: HPN Disabled: 1, HPN Buffer Size: 131072<BR />debug1: channel 0: new [client-session]<BR />debug3: ssh_session2_open: channel_new: 0<BR />debug2: channel 0: send open<BR />debug1: Requesting no-more-sessions@openssh.com<BR />debug1: Entering interactive session.<BR />debug1: channel 0: free: client-session, nchannels 1<BR />debug3: channel 0: status: The following connections are open:<BR /> #0 client-session (t3 r-1 i0/0 o0/0 fd 6/7 cfd -1)<BR /><BR />debug3: channel 0: close_fds r 6 w 7 e 8 c -1<BR />Connection to sshpa4 closed by remote host.<BR />Connection to sshpa4 closed.<BR />Transferred: sent 2128, received 2072 bytes, in 0.0 seconds<BR />Bytes per second: sent 70717.0, received 68856.1<BR />debug1: Exit status -1<BR /><BR />the publickey authentication is succeeded, but it is closed by the server.<BR /><BR /><BR />But if I switch the 64 sshd to the 32 sshd, then it can work, that is so strange.<BR />Here is the details:<BR /><BR />root@sshpa4# file /opt/ssh/sbin/sshd<BR />/opt/ssh/sbin/sshd: PA-RISC2.0 shared executable dynamically linked<BR /><BR />$ ssh localhost -vvv<BR />...............<BR />debug3: authmethod_lookup publickey<BR />debug3: remaining preferred: keyboard-interactive,password<BR />debug3: authmethod_is_enabled publickey<BR />debug1: Next authentication method: publickey<BR />debug1: Trying private key: /home/yangk/.ssh/identity<BR />debug3: no such identity: /home/yangk/.ssh/identity<BR />debug1: Offering public key: /home/yangk/.ssh/id_rsa<BR />debug3: send_pubkey_test<BR />debug2: we sent a publickey packet, wait for reply<BR />debug1: Server accepts key: pkalg ssh-rsa blen 277<BR />debug2: input_userauth_pk_ok: fp ac:7a:a0:2a:7c:8b:a2:a3:5e:9d:f3:91:0f:ba:a6:17<BR />debug3: sign_and_send_pubkey<BR />debug1: read PEM private key done: type RSA<BR />debug1: Authentication succeeded (publickey).<BR />debug1: Final hpn_buffer_size = 131072<BR />debug1: HPN Disabled: 1, HPN Buffer Size: 131072<BR />debug1: channel 0: new [client-session]<BR />debug3: ssh_session2_open: channel_new: 0<BR />debug2: channel 0: send open<BR />debug1: Requesting no-more-sessions@openssh.com<BR />debug1: Entering interactive session.<BR />debug2: callback start<BR />debug2: client_session2_setup: id 0<BR />debug2: channel 0: request pty-req confirm 1<BR />debug2: channel 0: request shell confirm 1<BR />debug2: fd 5 setting TCP_NODELAY<BR />debug2: callback done<BR />debug2: channel 0: open confirm rwindow 0 rmax 32768<BR />debug2: channel_input_status_confirm: type 99 id 0<BR />debug2: PTY allocation request accepted on channel 0<BR />debug2: channel 0: rcvd adjust 65536<BR />debug2: channel_input_status_confirm: type 99 id 0<BR />debug2: shell request accepted on channel 0<BR />Last successful login: Thu May 27 18:16:40 EAT 2010 localhost<BR />Last login: Thu May 27 18:07:43 2010 from sshpa5.chn.hp.com<BR />(c)Copyright 1983-2003 Hewlett-Packard Development Company, L.P.<BR />(c)Copyright 1979, 1980, 1983, 1985-1993 The Regents of the Univ. of California<BR />(c)Copyright 1980, 1984, 1986 Novell, Inc.<BR />(c)Copyright 1986-2000 Sun Microsystems, Inc.<BR />(c)Copyright 1985, 1986, 1988 Massachusetts Institute of Technology<BR />(c)Copyright 1989-1993 The Open Software Foundation, Inc.<BR />(c)Copyright 1990 Motorola, Inc.<BR />(c)Copyright 1990, 1991, 1992 Cornell University<BR />(c)Copyright 1989-1991 The University of Maryland<BR />(c)Copyright 1988 Carnegie Mellon University<BR />(c)Copyright 1991-2003 Mentat Inc.<BR />(c)Copyright 1996 Morning Star Technologies, Inc.<BR />(c)Copyright 1996 Progressive Systems, Inc.<BR /><BR /><BR /> RESTRICTED RIGHTS LEGEND<BR />Use, duplication, or disclosure by the U.S. Government is subject to<BR />restrictions as set forth in sub-paragraph (c)(1)(ii) of the Rights in<BR />Technical Data and Computer Software clause in DFARS 252.227-7013.<BR /><BR /><BR /> Hewlett-Packard Company<BR /> 3000 Hanover Street<BR /> Palo Alto, CA 94304 U.S.A.<BR /><BR />Rights for non-DOD U.S. Government Departments and Agencies are as set<BR />forth in FAR 52.227-19(c)(1,2).<BR />$ uname -a<BR />HP-UX sshpa4 B.11.23 U 9000/800 3267743753 unlimited-user license<BR /><BR />As you see,i can log into the localhost with publickey authentication.<BR /><BR />So why the 64 bit sshd do not let the ssh login with publickey authentication ,but 32 bit sshd can allow?<BR /><BR />This problem has so strange to me.<BR />Could somebody give me help about this?<BR />Thanks in advance!<BR /><BR />Kevin<BR /> Thu, 27 May 2010 09:24:12 GMT https://community.hpe.com/t5/operating-system-hp-ux/ssh-pubkeyauthentication-problem/m-p/4638560#M379191 yangk 2010-05-27T09:24:12Z https://community.hpe.com/t5/operating-system-hp-ux/ssh-pubkeyauthentication-problem/m-p/4638561#M379192 one thing to supplement the ssh client and the ssh server is the same machine which is sshpa4. Thu, 27 May 2010 09:26:00 GMT https://community.hpe.com/t5/operating-system-hp-ux/ssh-pubkeyauthentication-problem/m-p/4638561#M379192 yangk 2010-05-27T09:26:00Z https://community.hpe.com/t5/operating-system-hp-ux/ssh-pubkeyauthentication-problem/m-p/4638562#M379193 Additionally, we've installed exactly the same SSH depot on another 11.23PA machine. And it works fine there. Seems that only "sshpa4" has this kind of issue. FYI. Thu, 27 May 2010 09:42:29 GMT https://community.hpe.com/t5/operating-system-hp-ux/ssh-pubkeyauthentication-problem/m-p/4638562#M379193 chenn_1 2010-05-27T09:42:29Z https://community.hpe.com/t5/operating-system-hp-ux/ssh-pubkeyauthentication-problem/m-p/4638563#M379194 Your test cases aren't quite identical - in the first you ssh to sshpa4, in the second you ssh to localhost. I seem to recall that sshd can treat the loopback interface differently in some cases.<BR /><BR />Try doing an "ssh localhost" with the 64-bit sshd just to be sure. Thu, 27 May 2010 12:23:58 GMT https://community.hpe.com/t5/operating-system-hp-ux/ssh-pubkeyauthentication-problem/m-p/4638563#M379194 mvpel 2010-05-27T12:23:58Z https://community.hpe.com/t5/operating-system-hp-ux/ssh-pubkeyauthentication-problem/m-p/4638564#M379195 Hi mvpel,<BR /><BR />the sshpa4 and localhost has the same issue.<BR /><BR />Thanks! Fri, 28 May 2010 03:09:52 GMT https://community.hpe.com/t5/operating-system-hp-ux/ssh-pubkeyauthentication-problem/m-p/4638564#M379195 yangk 2010-05-28T03:09:52Z