Mailing List Archive

Sorry,

- I forgot to send the debug.
- Obfuscating the personal information of the output i discovered that he
tries to test the key for ssh-v1 and ssh-v2 but it did not get a success.

<remote_user> - The user name of the remote user in the remote server;
<remote_address> - The ip of the remote server;
<local_home> - The "ḧome" of the local user;

$ ssh -Y -vvv <remote_user>@<remote_address>
OpenSSH_4.5p1 FreeBSD-20061110, OpenSSL 0.9.8e 23 Feb 2007
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to <remote_address> [<remote_address>] port 22.
debug1: Connection established.
debug1: identity file <local_home>/.ssh/identity type -1
debug3: Not a RSA1 key file <local_home>/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file <local_home>/.ssh/id_rsa type 1
debug1: identity file <local_home>/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.9p1
debug1: match: OpenSSH_3.9p1 pat OpenSSH_3.*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.5p1 FreeBSD-20061110
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-dss,ssh-rsa
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,
rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,
rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,
hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,
hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,
rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,
rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,
hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,
hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 123/256
debug2: bits set: 508/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: filename <local_home>/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 4
debug1: Host '<remote_address>' is known and matches the DSA host key.
debug1: Found key in < local_home >/.ssh/known_hosts:4
debug2: bits set: 516/1024
debug1: ssh_dss_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: <local_home>/.ssh/identity (0x0)
debug2: key: <local_home>/.ssh/id_rsa (0x81742920)
debug2: key: <local_home>/.ssh/id_dsa (0x0)
debug1: Authentications that can continue:
publickey,gssapi-with-mic,password
debug3: start over, passed a different list
publickey,gssapi-with-mic,password
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: <local_home>/.ssh/identity
debug3: no such identity: <local_home>/.ssh/identity
debug1: Offering public key: <local_home>/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue:
publickey,gssapi-with-mic,password
debug1: Trying private key: <local_home>/.ssh/id_dsa
debug3: no such identity: <local_home>/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
<remote_user>@<remote_address>'s password:

- Does someone have any clue?

Regards...

2010/1/7 Helio Campos Mello de Andrade <helio.campos@gmail.com>

> Hi guys,
>
> - I'm trying to make a configuration that i've done too many time. I wan't
> a script to execute a command in a remote server without the need to type or
> pass the password.
> - I'm using the follow commands:
>
> ssh-keygen
> scp .ssh/id_rsa <remote_user>@<remote_machine>:~/
> ssh <remote_user>@<remote_machine> "cat ~/.id_rsa >>
> ~/.ssh/authorized_keys"
> # Here i still neeed to use my password but thats right.
> ssh <remote_user>@<remote_machine>
> # Here i still neeed to use my password and that's not good because
> i already typed the command to add the public key from my local user in the
> remote machine.
>
> - Does someone has any idea of what i'm doing wrong? I did it may time
> before and always worked. Does someone know if i have to make some
> modification at the /etc/ssh/ssd_config of my local machine or the
> /etc/ssh/sshd_config of my remote machine for this to work?
> - My local machine is a "FreeBSD 7.0-RELEASE-p1 generic amd64" and the
> ssh is "OpenSSH_4.5p1 FreeBSD-20061110, OpenSSL 0.9.8e 23 Feb 2007".
> - The remote machine is a "Red Hat Enterprise Linux ES release 4 (Nahant
> Update 5)" and the ssh version is "OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19
> 2003".
>
> --
> Helio Campos Mello de Andrade
>



--
Helio Campos Mello de Andrade

Guys,

- Forget this problem. I figured out what is. The permissions in the file
autorized_keys. It was allowing other to write int he files. That why it did
not worked.

Sorry for this...

Regards...

--
Helio Campos

2010/1/7 Helio Campos Mello de Andrade <helio.campos@gmail.com>

> Sorry,
>
> - I forgot to send the debug.
> - Obfuscating the personal information of the output i discovered that he
> tries to test the key for ssh-v1 and ssh-v2 but it did not get a success.
>
> <remote_user> - The user name of the remote user in the remote server;
> <remote_address> - The ip of the remote server;
> <local_home> - The "ḧome" of the local user;
>
> $ ssh -Y -vvv <remote_user>@<remote_address>
> OpenSSH_4.5p1 FreeBSD-20061110, OpenSSL 0.9.8e 23 Feb 2007
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug2: ssh_connect: needpriv 0
> debug1: Connecting to <remote_address> [<remote_address>] port 22.
> debug1: Connection established.
> debug1: identity file <local_home>/.ssh/identity type -1
> debug3: Not a RSA1 key file <local_home>/.ssh/id_rsa.
> debug2: key_type_from_name: unknown key type '-----BEGIN'
> debug3: key_read: missing keytype
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug2: key_type_from_name: unknown key type '-----END'
> debug3: key_read: missing keytype
> debug1: identity file <local_home>/.ssh/id_rsa type 1
> debug1: identity file <local_home>/.ssh/id_dsa type -1
> debug1: Remote protocol version 1.99, remote software version OpenSSH_3.9p1
> debug1: match: OpenSSH_3.9p1 pat OpenSSH_3.*
> debug1: Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_4.5p1 FreeBSD-20061110
> debug2: fd 3 setting O_NONBLOCK
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug2: kex_parse_kexinit:
> diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
> debug2: kex_parse_kexinit: ssh-dss,ssh-rsa
> debug2: kex_parse_kexinit:
> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,
> rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
> debug2: kex_parse_kexinit:
> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,
> rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
> debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,
> hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,
> hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
> debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit: first_kex_follows 0
> debug2: kex_parse_kexinit: reserved 0
> debug2: kex_parse_kexinit:
> diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
> debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
> debug2: kex_parse_kexinit:
> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,
> rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
> debug2: kex_parse_kexinit:
> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,
> rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
> debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,
> hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,
> hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit: none,zlib
> debug2: kex_parse_kexinit: none,zlib
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit: first_kex_follows 0
> debug2: kex_parse_kexinit: reserved 0
> debug2: mac_init: found hmac-md5
> debug1: kex: server->client aes128-cbc hmac-md5 none
> debug2: mac_init: found hmac-md5
> debug1: kex: client->server aes128-cbc hmac-md5 none
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
> debug2: dh_gen_key: priv key bits set: 123/256
> debug2: bits set: 508/1024
> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
> debug3: check_host_in_hostfile: filename <local_home>/.ssh/known_hosts
> debug3: check_host_in_hostfile: match line 4
> debug1: Host '<remote_address>' is known and matches the DSA host key.
> debug1: Found key in < local_home >/.ssh/known_hosts:4
> debug2: bits set: 516/1024
> debug1: ssh_dss_verify: signature correct
> debug2: kex_derive_keys
> debug2: set_newkeys: mode 1
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: expecting SSH2_MSG_NEWKEYS
> debug2: set_newkeys: mode 0
> debug1: SSH2_MSG_NEWKEYS received
> debug1: SSH2_MSG_SERVICE_REQUEST sent
> debug2: service_accept: ssh-userauth
> debug1: SSH2_MSG_SERVICE_ACCEPT received
> debug2: key: <local_home>/.ssh/identity (0x0)
> debug2: key: <local_home>/.ssh/id_rsa (0x81742920)
> debug2: key: <local_home>/.ssh/id_dsa (0x0)
> debug1: Authentications that can continue:
> publickey,gssapi-with-mic,password
> debug3: start over, passed a different list
> publickey,gssapi-with-mic,password
> debug3: preferred publickey,keyboard-interactive,password
> debug3: authmethod_lookup publickey
> debug3: remaining preferred: keyboard-interactive,password
> debug3: authmethod_is_enabled publickey
> debug1: Next authentication method: publickey
> debug1: Trying private key: <local_home>/.ssh/identity
> debug3: no such identity: <local_home>/.ssh/identity
> debug1: Offering public key: <local_home>/.ssh/id_rsa
> debug3: send_pubkey_test
> debug2: we sent a publickey packet, wait for reply
> debug1: Authentications that can continue:
> publickey,gssapi-with-mic,password
> debug1: Trying private key: <local_home>/.ssh/id_dsa
> debug3: no such identity: <local_home>/.ssh/id_dsa
> debug2: we did not send a packet, disable method
> debug3: authmethod_lookup password
> debug3: remaining preferred: ,password
> debug3: authmethod_is_enabled password
> debug1: Next authentication method: password
> <remote_user>@<remote_address>'s password:
>
> - Does someone have any clue?
>
> Regards...
>
> 2010/1/7 Helio Campos Mello de Andrade <helio.campos@gmail.com>
>
> Hi guys,
>>
>> - I'm trying to make a configuration that i've done too many time. I
>> wan't a script to execute a command in a remote server without the need to
>> type or pass the password.
>> - I'm using the follow commands:
>>
>> ssh-keygen
>> scp .ssh/id_rsa <remote_user>@<remote_machine>:~/
>> ssh <remote_user>@<remote_machine> "cat ~/.id_rsa >>
>> ~/.ssh/authorized_keys"
>> # Here i still neeed to use my password but thats right.
>> ssh <remote_user>@<remote_machine>
>> # Here i still neeed to use my password and that's not good
>> because i already typed the command to add the public key from my local user
>> in the remote machine.
>>
>> - Does someone has any idea of what i'm doing wrong? I did it may time
>> before and always worked. Does someone know if i have to make some
>> modification at the /etc/ssh/ssd_config of my local machine or the
>> /etc/ssh/sshd_config of my remote machine for this to work?
>> - My local machine is a "FreeBSD 7.0-RELEASE-p1 generic amd64" and the
>> ssh is "OpenSSH_4.5p1 FreeBSD-20061110, OpenSSL 0.9.8e 23 Feb 2007".
>> - The remote machine is a "Red Hat Enterprise Linux ES release 4 (Nahant
>> Update 5)" and the ssh version is "OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19
>> 2003".
>>
>> --
>> Helio Campos Mello de Andrade
>>
>
>
>
> --
> Helio Campos Mello de Andrade
>



--
Helio Campos Mello de Andrade

Helio Campos Mello de Andrade wrote:
[...]
> scp .ssh/id_rsa <remote_user>@<remote_machine>:~/
> ssh <remote_user>@<remote_machine> "cat ~/.id_rsa >> ~/.ssh/authorized_keys"
> # Here i still neeed to use my password but thats right.

I hope this is just a transcription error, but you're copying your
private key onto the remote host. You need id_rsa.pub, not id_rsa.

--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

I was going the say the same thing. Also by the error you sent us, it
seems to be some problem with wrong white spaces in the file.

Regards.

Darren Tucker wrote:
> Helio Campos Mello de Andrade wrote:
> [...]
>> scp .ssh/id_rsa <remote_user>@<remote_machine>:~/
>> ssh <remote_user>@<remote_machine> "cat ~/.id_rsa >>
>> ~/.ssh/authorized_keys"
>> # Here i still neeed to use my password but thats right.
>
> I hope this is just a transcription error, but you're copying your
> private key onto the remote host. You need id_rsa.pub, not id_rsa.
>