- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - Linux
- >
- Re: SSH permission denied issue
Operating System - Linux
1753606
Members
6001
Online
108797
Solutions
Forums
Categories
Company
Local Language
юдл
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
юдл
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-09-2009 01:42 AM
тАО09-09-2009 01:42 AM
SSH permission denied issue
Hello,
We have a peculiar ssh issue between 2 Linux hosts. 1 SYS_A (SLES 10, 10.99.20.253) and other SYS_B(SuSE 7.0, 10.99.20.76) systems.
We can ssh from SYS_A to SYS_B but gets permission denied from SYS_B to SYS_A. Here is the verbose output.
SYS_B >> ssh SYS_A -v
SSH Version OpenSSH_2.1.1, protocol versions 1.5/2.0.
Compiled with SSL (0x0090581f).
debug: Reading configuration data /etc/ssh/ssh_config
debug: Applying options for *
debug: Seeding random number generator
debug: ssh_connect: getuid 501 geteuid 0 anon 0
debug: Connecting to SYS_A [10.99.20.253] port 22.
debug: Seeding random number generator
debug: Allocated local port 804.
debug: Connection established.
debug: Remote protocol version 1.99, remote software version OpenSSH_4.2
debug: Local version string SSH-1.5-OpenSSH_2.1.1
debug: Waiting for server public key.
debug: Received server public key (768 bits) and host key (1024 bits).
The authenticity of host 'SYS_A' can't be established.
RSA key fingerprint is ee:a4:e7:42:4b:d3:2d:8b:22:c2:33:7c:16:4d:a2:08.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'SYS_A,10.99.20.253' (RSA) to the list of known hosts.
debug: Seeding random number generator
debug: Encryption type: 3des
debug: Sent encrypted session key.
debug: Installing crc compensation attack detector.
debug: Received encrypted confirmation.
Permission denied.
debug: Calling cleanup 0x805d200(0x0)
SYS_B >>
SYS_B >> netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
10.99.20.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 san1
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 10.99.20.253 0.0.0.0 UG 0 0 0 eth0
The SYS_A is having ,
SYS_A>> ssh -V
OpenSSH_4.2p1, OpenSSL 0.9.8a 11 Oct 2005
and SYS_B ,
SYSB >> ssh -V
SSH Version OpenSSH_2.1.1, protocol versions 1.5/2.0. Compiled with SSL (0x0090581f).
Plz let me know if you need anymore info.
Plz suggest.
Thanx.
admin
We have a peculiar ssh issue between 2 Linux hosts. 1 SYS_A (SLES 10, 10.99.20.253) and other SYS_B(SuSE 7.0, 10.99.20.76) systems.
We can ssh from SYS_A to SYS_B but gets permission denied from SYS_B to SYS_A. Here is the verbose output.
SYS_B >> ssh SYS_A -v
SSH Version OpenSSH_2.1.1, protocol versions 1.5/2.0.
Compiled with SSL (0x0090581f).
debug: Reading configuration data /etc/ssh/ssh_config
debug: Applying options for *
debug: Seeding random number generator
debug: ssh_connect: getuid 501 geteuid 0 anon 0
debug: Connecting to SYS_A [10.99.20.253] port 22.
debug: Seeding random number generator
debug: Allocated local port 804.
debug: Connection established.
debug: Remote protocol version 1.99, remote software version OpenSSH_4.2
debug: Local version string SSH-1.5-OpenSSH_2.1.1
debug: Waiting for server public key.
debug: Received server public key (768 bits) and host key (1024 bits).
The authenticity of host 'SYS_A' can't be established.
RSA key fingerprint is ee:a4:e7:42:4b:d3:2d:8b:22:c2:33:7c:16:4d:a2:08.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'SYS_A,10.99.20.253' (RSA) to the list of known hosts.
debug: Seeding random number generator
debug: Encryption type: 3des
debug: Sent encrypted session key.
debug: Installing crc compensation attack detector.
debug: Received encrypted confirmation.
Permission denied.
debug: Calling cleanup 0x805d200(0x0)
SYS_B >>
SYS_B >> netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
10.99.20.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 san1
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 10.99.20.253 0.0.0.0 UG 0 0 0 eth0
The SYS_A is having ,
SYS_A>> ssh -V
OpenSSH_4.2p1, OpenSSL 0.9.8a 11 Oct 2005
and SYS_B ,
SYSB >> ssh -V
SSH Version OpenSSH_2.1.1, protocol versions 1.5/2.0. Compiled with SSL (0x0090581f).
Plz let me know if you need anymore info.
Plz suggest.
Thanx.
admin
5 REPLIES 5
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-09-2009 02:02 AM
тАО09-09-2009 02:02 AM
Re: SSH permission denied issue
Shalom,
Check the ownership of the directory .ssh and the files within, permissions as well.
Consider restarting the sshd daemon on the receiving server.
Check these two reference articles:
http://www.hpux.ws/?p=19
http://www.hpux.ws/?p=10
SEP
Check the ownership of the directory .ssh and the files within, permissions as well.
Consider restarting the sshd daemon on the receiving server.
Check these two reference articles:
http://www.hpux.ws/?p=19
http://www.hpux.ws/?p=10
SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-09-2009 02:43 AM
тАО09-09-2009 02:43 AM
Re: SSH permission denied issue
"Local version string: SSH-1.5-OpenSSH_2.1.1" and other messages after it suggest SYS_B is trying to use SSH protocol version 1. That protocol version has known weaknesses and modern systems may disable the backwards compatibility at the server side by default.
On the other hand, OpenSSH 2.1.1 is so old that SSH protocol 2.0 might have been still treated as "experimental" back when it was released, and you may have to change the settings to use it.
The version string is of the form SSH--_. Protocol version 1.99 would mean "I'm really 2.0 but I may be able to use protocol version 1.x too."
Please check the "Protocol" setting in /etc/ssh/ssh_config on SYS_B, and in /etc/ssh/sshd_config on SYS_A respectively.
MK
On the other hand, OpenSSH 2.1.1 is so old that SSH protocol 2.0 might have been still treated as "experimental" back when it was released, and you may have to change the settings to use it.
The version string is of the form SSH-
Please check the "Protocol" setting in /etc/ssh/ssh_config on SYS_B, and in /etc/ssh/sshd_config on SYS_A respectively.
MK
MK
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-09-2009 03:37 AM
тАО09-09-2009 03:37 AM
Re: SSH permission denied issue
Hello,
Thats sound interesting but what settings need to be modified ?
In fact on both the systems,
/etc/ssh/ssh_config says,
# Protocol 2,1
Anything else you need?
Thanx,
admin
Thats sound interesting but what settings need to be modified ?
In fact on both the systems,
/etc/ssh/ssh_config says,
# Protocol 2,1
Anything else you need?
Thanx,
admin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-09-2009 03:54 AM
тАО09-09-2009 03:54 AM
Re: SSH permission denied issue
Hello,
I tried using a different Protocol and got below messages,
SYS_B:> ssh SYS_A -2 -v
SSH Version OpenSSH_2.1.1, protocol versions 1.5/2.0.
Compiled with SSL (0x0090581f).
debug: Reading configuration data /etc/ssh/ssh_config
debug: Applying options for *
debug: ssh_connect: getuid 0 geteuid 0 anon 0
debug: Connecting to SYS_A [10.99.20.253] port 22.
debug: Seeding random number generator
debug: Allocated local port 648.
debug: Connection established.
debug: Remote protocol version 1.99, remote software version OpenSSH_4.2
Enabling compatibility mode for protocol 2.0
debug: Local version string SSH-2.0-OpenSSH_2.1.1
debug: send KEXINIT
debug: done
debug: wait KEXINIT
debug: got kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug: got kexinit: ssh-rsa,ssh-dss
debug: got kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug: got kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug: got kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug: got kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug: got kexinit: none,zlib@openssh.com
debug: got kexinit: none,zlib@openssh.com
debug: got kexinit:
debug: got kexinit:
debug: first kex follow: 0
debug: reserved: 0
debug: done
debug: kex: server->client 3des-cbc hmac-sha1 none
debug: kex: client->server 3des-cbc hmac-sha1 none
debug: Sending SSH2_MSG_KEXDH_INIT.
debug: bits set: 506/1024
debug: Wait SSH2_MSG_KEXDH_REPLY.
debug: Got SSH2_MSG_KEXDH_REPLY.
debug: keytype ssh-dss
debug: keytype ssh-dss
debug: keytype ssh-dss
debug: Host 'SYS_A' is known and matches the DSA host key.
debug: bits set: 499/1024
debug: len 55 datafellows 0
debug: dsa_verify: signature correct
debug: Wait SSH2_MSG_NEWKEYS.
debug: GOT SSH2_MSG_NEWKEYS.
debug: send SSH2_MSG_NEWKEYS.
debug: done: send SSH2_MSG_NEWKEYS.
debug: done: KEX2.
debug: send SSH2_MSG_SERVICE_REQUEST
debug: service_accept: ssh-userauth
debug: got SSH2_MSG_SERVICE_ACCEPT
debug: authentications that can continue: publickey,keyboard-interactive
debug: key does not exist: /root/.ssh/id_dsa
Permission denied (publickey,keyboard-interactive).
debug: Calling cleanup 0x805d200(0x0)
SYS_B>
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-09-2009 02:26 PM
тАО09-09-2009 02:26 PM
Re: SSH permission denied issue
Check for key presence:
debug: key does not exist: /root/.ssh/id_dsa
regards,
ivan
debug: key does not exist: /root/.ssh/id_dsa
regards,
ivan
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
News and Events
Support
© Copyright 2024 Hewlett Packard Enterprise Development LP