-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
So when you logged in it asked you for a passphrase? That could be in the
configs, yes, but it’d be odd and I’d really expect it more on the client
side than the server side (I doubt the server can even really see any of
that part).
The authentication tries the private key and then falls back to keyboard
authentication (password, not passphrase). Could you get the
/var/log/messages output? Here is the login from my system to a box of
mine with ‘-vv’ after setting up the keys properly:
<quote>
ab@mybox0:~/Desktop> ssh -vv ab@remotebox0
OpenSSH_5.1p1, OpenSSL 0.9.8h 28 May 2008
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to remotebox0 [remotebox0] port 22.
debug1: Connection established.
debug2: key_type_from_name: unknown key type ‘-----BEGIN’
debug2: key_type_from_name: unknown key type ‘-----END’
debug1: identity file /home/ab/.ssh/id_rsa type 1
debug1: identity file /home/ab/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.0
debug1: match: OpenSSH_5.0 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.1
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 118/256
debug2: bits set: 533/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host ‘remotebox0’ is known and matches the RSA host key.
debug1: Found key in /home/ab/.ssh/known_hosts:42
debug2: bits set: 497/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/ab/.ssh/id_rsa (0x7f1563e8f570)
debug2: key: /home/ab/.ssh/id_dsa ((nil))
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Next authentication method: publickey
debug1: Offering public key: /home/ab/.ssh/id_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 277
debug2: input_userauth_pk_ok: fp
a5:92:71:22:f2:3a:7d:94:85:68:b9:fd:42:b3:c0:84
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug2: channel 0: send open
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug2: callback start
debug2: client_session2_setup: id 0
debug2: channel 0: request pty-req confirm 1
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
debug2: channel 0: request env confirm 0
debug2: channel 0: request shell confirm 1
debug2: fd 3 setting TCP_NODELAY
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel_input_confirm: type 99 id 0
debug2: PTY allocation request accepted on channel 0
debug2: channel 0: rcvd adjust 2097152
debug2: channel_input_confirm: type 99 id 0
debug2: shell request accepted on channel 0
Last login: Tue Oct 13 19:06:55 2009 from 192.168.1.2
[ab@remotebox0 ~]$
</quote>
Good luck.
dsteven1 wrote:
> ssh -v output:
>
>
> PHP code:
> --------------------
> user04@linux-sbsk:~> ssh -v user10@192.168.1.101 -p 22200
> OpenSSH_5.1p1, OpenSSL 0.9.8h 28 May 2008
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: Applying options for *
> debug1: Connecting to 192.168.1.101 [192.168.1.101] port 22200.
> debug1: Connection established.
> debug1: identity file /home/user04/.ssh/id_rsa type 1
> debug1: identity file /home/user04/.ssh/id_dsa type -1
> debug1: Remote protocol version 2.0, remote software version OpenSSH_5.2
> debug1: match: OpenSSH_5.2 pat OpenSSH*
> debug1: Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_5.1
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug1: kex: server->client aes128-cbc hmac-md5 none
> debug1: kex: client->server aes128-cbc hmac-md5 none
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
> debug1: Host ‘[192.168.1.101]:22200’ is known and matches the RSA host key.
> debug1: Found key in /home/user04/.ssh/known_hosts:3
> debug1: ssh_rsa_verify: signature correct
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: expecting SSH2_MSG_NEWKEYS
> debug1: SSH2_MSG_NEWKEYS received
> debug1: SSH2_MSG_SERVICE_REQUEST sent
> debug1: SSH2_MSG_SERVICE_ACCEPT received
> debug1: Authentications that can continue: publickey,password,keyboard-interactive
> debug1: Next authentication method: publickey
> debug1: Offering public key: /home/user04/.ssh/id_rsa
> debug1: Server accepts key: pkalg ssh-rsa blen 277
> ENTER PASSPHRASE FOR KEY ‘/HOME/USER04/.SSH/ID_RSA’:
> ENTER PASSPHRASE FOR KEY ‘/HOME/USER04/.SSH/ID_RSA’:
> debug1: Trying private key: /home/user04/.ssh/id_dsa
> debug1: Next authentication method: keyboard-interactive
> debug1: Authentications that can continue: publickey,password,keyboard-interactive
> debug1: Next authentication method: password
> user10@192.168.1.101’s password:
> debug1: Authentication succeeded (password).
> debug1: channel 0: new [client-session]
> debug1: Requesting no-more-sessions@openssh.com
> debug1: Entering interactive session.
> debug1: Sending environment.
> debug1: Sending env LANG = en_US.UTF-8
> Last login: Sat Oct 10 15:33:14 2009 from linux-sbsk
>
> user10@windoze ~
> $
> --------------------
>
>
> I’m puzzled as to why it asked for a passphrase - I know I didn’t enter
> a passphrase when I generated the key - it must be in the SSHD_CONFIG
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQIcBAEBAgAGBQJK1SUcAAoJEF+XTK08PnB5Yc4P/jrRucv6T2T3ivWN2VNzOOV0
6SgVs8b7I08bDKgpXfhe/wgqNNbPJDga5EvqJytQnuQjeCt54n8hTbvs5VbZEB21
HCmGI+kv5bgKI4ojKyPxABJNDkiVWQ4lkouH+5/aZ513mSKoum4uEua89lQE0r+J
hNaLUDvuQ29mq/UzeqUCwyfFT0II+p1F1OXIsB+NoDq4ILXNwQYY28hpKP/ejaXQ
tzGSl/i13JFjFZF5vUdrxfuJbFEE2MQK9hEZP4LUH3f1HiTzbslID4orpuM43rgC
Ws7ZPZX8PjBeTBqKd6zrN+3YC6BCQ6lOc0YS1ngWHwr9YkjnaSmt/Sd21KxS6GxW
RDVOM4k14V2+xbaub6iMbzLjUTFI/kwvOazWb+ErBQcMqZCIytj7IeTildAnysC0
AjsALDdJrGCDpsQzG0aRb6FdVUhiszYq8xZoxRO4fn5tKRSRzmXxTAAQfOGFw/pb
kwMyEdFYBXdqCRt016v3ffb5RWHsIsVSbIE3u+8M+AhbBhe1tEOKBvwfWYT1ReXw
LJjcOWGIxM1szb2XBBFjglR4Mag+ljjZHhx4jP7PG54d23D3/UC4wHsdLdiNs+58
IXz4Tstq/Q/cDrg+egv2ddbbg2fmE+mAMPb94xH5oCQnvAIvoDkDyEJWiMb25Q7W
FL9/X175OZc+/eZf7gEp
=pDke
-----END PGP SIGNATURE-----