HPE Community
Operating System - HP-UX
1845948 Members
2742 Online
110250 Solutions
New Discussion

Re: ssh2 authentication problem

 
dictum9
Super Advisor

‎04-14-2006 06:48 AM

‎04-14-2006 06:48 AM

ssh2 authentication problem

# ssh2 -V
ssh2: F-Secure SSH 3.2.3 (build 14) on hppa2.0w-hp-hpux11.00


I exchange the public keys. When I try to get on a machine, the public key authentication fails and it prompts for the password, why is this happening?


infi1@sb1pca:/home/infi1/.ssh2# ssh2 -v -v -v -l infi1 sb1pca
debug: SshConfig/sshconfig.c:3071: Metaconfig parsing stopped at line 3.
debug: SshConfig/sshconfig.c:3364: Read 0 params from config file.
debug: Ssh2/ssh2.c:1758: User config file not found, using defaults. (Looked for '/home/infi1/.ssh2/ssh2_config')
debug: Connecting to sb1pca, port 22... (SOCKS not used)
debug: Ssh2Transport/trcommon.c:3748: My version: SSH-1.99-3.2.9 F-SECURE SSH 3.2.3
debug: client supports 3 auth methods: 'publickey,keyboard-interactive,password'
debug: Ssh2Common/sshcommon.c:587: local ip = 131.82.244.2, local port = 49372
debug: Ssh2Common/sshcommon.c:589: remote ip = 131.82.244.2, remote port = 22
debug: SshConnection/sshconn.c:1945: Wrapping...
debug: SshReadLine/sshreadline.c:2420: Initializing ReadLine...
debug: Remote version: SSH-2.0-3.2.9 F-SECURE SSH 3.2.3
debug: Major: 3 Minor: 2 Revision: 9
debug: Ssh2Transport/trcommon.c:1376: lang s to c: `', lang c to s: `'
debug: Ssh2Transport/trcommon.c:1441: c_to_s: cipher aes128-cbc, mac hmac-sha1, compression none
debug: Ssh2Transport/trcommon.c:1444: s_to_c: cipher aes128-cbc, mac hmac-sha1, compression none
debug: Remote host key found from database.
debug: Ssh2Common/sshcommon.c:379: Received SSH_CROSS_STARTUP packet from connection protocol.
debug: Ssh2Common/sshcommon.c:429: Received SSH_CROSS_ALGORITHMS packet from connection protocol.

debug: server offers auth methods 'publickey,password'.
debug: Ssh2AuthPubKeyClient/authc-pubkey.c:1794: Starting pubkey auth...
debug: Ssh2AuthPubKeyClient/authc-pubkey.c:1751: Agent is not running.
debug: Ssh2AuthPubKeyClient/authc-pubkey.c:1549: Got 0 keys from the agent.
debug: SshConfig/sshconfig.c:2979: Unable to open /home/infi1/.ssh2/identification
debug: Ssh2AuthPubKeyClient/authc-pubkey.c:1529: Trying 0 key candidates.
debug: Ssh2AuthPubKeyClient/authc-pubkey.c:983: All keys declined by server, disabling method.
debug: Ssh2AuthClient/sshauthc.c:318: Method 'publickey' disabled.
debug: server offers auth methods 'publickey,password'.
debug: Ssh2AuthPasswdClient/authc-passwd.c:105: Starting password auth...
infi1's password:

0 Kudos
Reply
7 REPLIES 7
Rick Garland
Honored Contributor

‎04-14-2006 06:52 AM

‎04-14-2006 06:52 AM

Re: ssh2 authentication problem

Kill the sshd process and then restart it



0 Kudos
Reply
dictum9
Super Advisor

‎04-14-2006 07:34 AM

‎04-14-2006 07:34 AM

Re: ssh2 authentication problem


I did kill -HUP on it and it didn't work.

The same error message about

debug: Remote host key found from database

debug: SshConfig/sshconfig.c:2979: Unable to open /home/infi1/.ssh2/identification
0 Kudos
Reply
David Bellamy
Respected Contributor

‎04-14-2006 07:43 AM

‎04-14-2006 07:43 AM

Re: ssh2 authentication problem

did you check to see if the /home/infi1/.ssh2/identification is present
0 Kudos
Reply
dictum9
Super Advisor

‎04-14-2006 07:51 AM

‎04-14-2006 07:51 AM

Re: ssh2 authentication problem


It's not. What should go into that file?

I've never had issues with OpenSSH, it didn't need the identification file.
I think that ssh2 asks for it because is a commercial product. Does it need some kind of a license in that file?
0 Kudos
Reply
Bill Hassell
Honored Contributor

‎04-14-2006 09:22 AM

‎04-14-2006 09:22 AM

Re: ssh2 authentication problem

You'll need to contact F-Secure to find out what the problem is. I used ssh from F-secure several years ago and found that although you could specify an alternate port for security, the code completely ignored the parameter and no patch was ever available. If F-Secure cannot help, I would completely remove this version and install the HP version.


Bill Hassell, sysadmin
0 Kudos
Reply
Matti_Kurkela
Honored Contributor

‎04-16-2006 04:37 AM

‎04-16-2006 04:37 AM

Re: ssh2 authentication problem

On the client, you need to write a single line into /home/infi1/.ssh2/identification, like this:
IdKey

(you should replace with the actual filename of your private key)

Note that this is very similar to the commercial SSH server side, in which you must write a line into $HOME/.ssh2/authorization:
Key
MK
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎04-16-2006 05:44 AM

‎04-16-2006 05:44 AM

Re: ssh2 authentication problem

Shalom etc,

Whether you make this work or not, I'd go with the HP version. It was tested and ported by HP for HP machines.

Can't do better than that.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.