No key-based authentication in Dolphin|Network Folder Wizard

Hi,

I use key-based login for my servers. In ~/.ssh I have a config-file with entries like that


Host server1
    HostName server1.example.com
    Port 12345
    User root
    IdentityFile ~/.ssh/server1_rsa


Host server2
    HostName server2.example.com
    Port 12345
    User root
    IdentityFile ~/.ssh/server2_rsa


Both server successfully let me log in on the console (with ssh server1 or ssh server2)

And now the curious thing. If I use Dolphin’s Network Folder wizard server1 let me log in when I’m typing the full domain name in the server field. server2 says authentication failed if I try FQDN but let me in if I use the shortcut server2 defined in ~/.ssh/config.

sshd_config is on both server identical


 
Port 12345

Protocol 2 
# HostKeys for protocol version 2 
HostKey /etc/ssh/ssh_host_rsa_key 
HostKey /etc/ssh/ssh_host_dsa_key 
HostKey /etc/ssh/ssh_host_ecdsa_key 
HostKey /etc/ssh/ssh_host_ed25519_key 
#Privilege Separation is turned on for security 
UsePrivilegeSeparation yes 

# Lifetime and size of ephemeral version 1 server key 
KeyRegenerationInterval 3600 
ServerKeyBits 1024 

# Logging 
SyslogFacility AUTH 
LogLevel INFO 

# Authentication: 
LoginGraceTime 120 
PermitRootLogin without-password 
StrictModes yes 

RSAAuthentication yes 
PubkeyAuthentication yes 


IgnoreRhosts yes 
 
RhostsRSAAuthentication no 
 
HostbasedAuthentication no 

  
PermitEmptyPasswords no 


ChallengeResponseAuthentication no 

PasswordAuthentication no 

 

X11Forwarding yes 
X11DisplayOffset 10 
PrintMotd no 
PrintLastLog yes 
TCPKeepAlive yes 


AcceptEnv LANG LC_* 

Subsystem sftp /usr/lib/openssh/sftp-server 

UsePAM yes 
UseDNS no 
IgnoreUserKnownHosts no 
ClientAliveInterval 60


Anyone an idea whats happening here ? console ssh ok, dolphin ssh, one server ok, the other on not ?

System is opensuse tumbleweed with plasma 5

Thx

I would guess that your “known_hosts” file does not have an entry with the fully qualified name for server2.

In any case, you should try at the command line, with “-v” or “-v -v -v” so that you can get more information on what is failing.

I’ve tried toremovetheentries for server2 and recreate them, nothing changed, though.

I switched on server-debug.
Here are the logs:


 Set /proc/self/oom_score_adj to 0 
May 23 21:19:08 s001 sshd[20507]: debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8 
May 23 21:19:08 s001 sshd[20507]: debug1: inetd sockets after dupping: 3, 3 
May 23 21:19:08 s001 sshd[20507]: Connection from 4.5.6.7 port 59930 on 1.2.3.4 port 12345 
May 23 21:19:08 s001 sshd[20507]: debug1: Client protocol version 2.0; client software version libssh-0.6.5 
May 23 21:19:08 s001 sshd[20507]: debug1: no match: libssh-0.6.5 
May 23 21:19:08 s001 sshd[20507]: debug1: Enabling compatibility mode for protocol 2.0 
May 23 21:19:08 s001 sshd[20507]: debug1: Local version string SSH-2.0-OpenSSH_6.7p1 Debian-5 
May 23 21:19:08 s001 sshd[20507]: debug1: permanently_set_uid: 107/65534 [preauth] 
May 23 21:19:08 s001 sshd[20507]: debug1: list_hostkey_types: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519 [preauth] 
May 23 21:19:08 s001 sshd[20507]: debug1: SSH2_MSG_KEXINIT sent [preauth] 
May 23 21:19:08 s001 sshd[20507]: debug1: SSH2_MSG_KEXINIT received [preauth] 
May 23 21:19:08 s001 sshd[20507]: debug1: kex: client->server aes256-ctr hmac-sha1 none [preauth] 
May 23 21:19:08 s001 sshd[20507]: debug1: kex: server->client aes256-ctr hmac-sha1 none [preauth] 
May 23 21:19:08 s001 sshd[20507]: debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth] 
May 23 21:19:08 s001 sshd[20507]: debug1: SSH2_MSG_NEWKEYS sent [preauth] 
May 23 21:19:08 s001 sshd[20507]: debug1: expecting SSH2_MSG_NEWKEYS [preauth] 
May 23 21:19:08 s001 sshd[20507]: debug1: SSH2_MSG_NEWKEYS received [preauth] 
May 23 21:19:08 s001 sshd[20507]: debug1: KEX done [preauth] 
May 23 21:19:08 s001 sshd[20507]: debug1: userauth-request for user root service ssh-connection method none [preauth] 
May 23 21:19:08 s001 sshd[20507]: debug1: attempt 0 failures 0 [preauth] 
May 23 21:19:08 s001 sshd[20507]: debug1: PAM: initializing for "root" 
May 23 21:19:08 s001 sshd[20507]: debug1: PAM: setting PAM_RHOST to "1.2.3.4" 
May 23 21:19:08 s001 sshd[20507]: debug1: PAM: setting PAM_TTY to "ssh" 
May 23 21:19:08 s001 sshd[20507]: debug1: userauth-request for user root service ssh-connection method publickey [preauth] 
May 23 21:19:08 s001 sshd[20507]: debug1: attempt 1 failures 0 [preauth] 
May 23 21:19:08 s001 sshd[20507]: debug1: test whether pkalg/pkblob are acceptable [preauth] 
May 23 21:19:08 s001 sshd[20507]: debug1: temporarily_use_uid: 0/0 (e=0/0) 
May 23 21:19:08 s001 sshd[20507]: debug1: trying public key file /root/.ssh/authorized_keys 
May 23 21:19:08 s001 sshd[20507]: debug1: fd 4 clearing O_NONBLOCK 
May 23 21:19:08 s001 sshd[20507]: debug1: restore_uid: 0/0 
May 23 21:19:08 s001 sshd[20507]: debug1: temporarily_use_uid: 0/0 (e=0/0) 
May 23 21:19:08 s001 sshd[20507]: debug1: trying public key file /root/.ssh/authorized_keys2 
May 23 21:19:08 s001 sshd[20507]: debug1: Could not open authorized keys '/root/.ssh/authorized_keys2': No such file or directory 
May 23 21:19:08 s001 sshd[20507]: debug1: restore_uid: 0/0 
May 23 21:19:08 s001 sshd[20507]: Failed publickey for root from 5.6.7.8 port 59930 ssh2: RSA 74:11:....



That’S the server log failing with dolphin

Server log for console



 May 23 21:23:09 s001 sshd[20453]: debug1: Forked child 20847. 
May 23 21:23:09 s001 sshd[20847]: Set /proc/self/oom_score_adj to 0 
May 23 21:23:09 s001 sshd[20847]: debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8 
May 23 21:23:09 s001 sshd[20847]: debug1: inetd sockets after dupping: 3, 3 
May 23 21:23:09 s001 sshd[20847]: Connection from 5.6.7.8 60276 on 1.2.3.4 port 12345 
May 23 21:23:09 s001 sshd[20847]: debug1: Client protocol version 2.0; client software version OpenSSH_6.6.1 
May 23 21:23:09 s001 sshd[20847]: debug1: match: OpenSSH_6.6.1 pat OpenSSH_6.6.1* compat 0x04000000 
May 23 21:23:09 s001 sshd[20847]: debug1: Enabling compatibility mode for protocol 2.0 
May 23 21:23:09 s001 sshd[20847]: debug1: Local version string SSH-2.0-OpenSSH_6.7p1 Debian-5 
May 23 21:23:09 s001 sshd[20847]: debug1: permanently_set_uid: 107/65534 [preauth] 
May 23 21:23:09 s001 sshd[20847]: debug1: list_hostkey_types: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519 [preauth] 
May 23 21:23:09 s001 sshd[20847]: debug1: SSH2_MSG_KEXINIT sent [preauth] 
May 23 21:23:09 s001 sshd[20847]: debug1: SSH2_MSG_KEXINIT received [preauth] 
May 23 21:23:09 s001 sshd[20847]: debug1: kex: client->server aes128-ctr hmac-sha1-etm@openssh.com none [preauth] 
May 23 21:23:09 s001 sshd[20847]: debug1: kex: server->client aes128-ctr hmac-sha1-etm@openssh.com none [preauth] 
May 23 21:23:09 s001 sshd[20847]: debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth] 
May 23 21:23:09 s001 sshd[20847]: debug1: SSH2_MSG_NEWKEYS sent [preauth] 
May 23 21:23:09 s001 sshd[20847]: debug1: expecting SSH2_MSG_NEWKEYS [preauth] 
May 23 21:23:09 s001 sshd[20847]: debug1: SSH2_MSG_NEWKEYS received [preauth] 
May 23 21:23:09 s001 sshd[20847]: debug1: KEX done [preauth] 
May 23 21:23:09 s001 sshd[20847]: debug1: userauth-request for user root service ssh-connection method none [preauth] 
May 23 21:23:09 s001 sshd[20847]: debug1: attempt 0 failures 0 [preauth] 
May 23 21:23:09 s001 sshd[20847]: debug1: PAM: initializing for "root" 
May 23 21:23:09 s001 sshd[20847]: debug1: PAM: setting PAM_RHOST to "5.6.7.8" 
May 23 21:23:09 s001 sshd[20847]: debug1: PAM: setting PAM_TTY to "ssh" 
May 23 21:23:09 s001 sshd[20847]: debug1: userauth-request for user root service ssh-connection method publickey [preauth] 
May 23 21:23:09 s001 sshd[20847]: debug1: attempt 1 failures 0 [preauth] 
May 23 21:23:09 s001 sshd[20847]: debug1: test whether pkalg/pkblob are acceptable [preauth] 
May 23 21:23:09 s001 sshd[20847]: debug1: temporarily_use_uid: 0/0 (e=0/0) 
May 23 21:23:09 s001 sshd[20847]: debug1: trying public key file /root/.ssh/authorized_keys 
May 23 21:23:09 s001 sshd[20847]: debug1: fd 4 clearing O_NONBLOCK 
May 23 21:23:09 s001 sshd[20847]: debug1: matching key found: file /root/.ssh/authorized_keys, line 1 RSA 6c:99:21... 
May 23 21:23:09 s001 sshd[20847]: debug1: restore_uid: 0/0 
May 23 21:23:09 s001 sshd[20847]: Postponed publickey for root from 5.6.7.8 port 60276 ssh2 [preauth] 
May 23 21:23:09 s001 sshd[20847]: debug1: userauth-request for user root service ssh-connection method publickey [preauth] 
May 23 21:23:09 s001 sshd[20847]: debug1: attempt 2 failures 0 [preauth] 
May 23 21:23:09 s001 sshd[20847]: debug1: temporarily_use_uid: 0/0 (e=0/0) 
May 23 21:23:09 s001 sshd[20847]: debug1: trying public key file /root/.ssh/authorized_keys 
May 23 21:23:09 s001 sshd[20847]: debug1: fd 4 clearing O_NONBLOCK 
May 23 21:23:09 s001 sshd[20847]: debug1: matching key found: file /root/.ssh/authorized_keys, line 1 RSA 6c:99:21...
May 23 21:23:09 s001 sshd[20847]: debug1: do_pam_account: called 
May 23 21:23:09 s001 sshd[20847]: Accepted publickey for root from 5.6.7.8 port 60276 ssh2: RSA 6c:99:21...
May 23 21:23:09 s001 sshd[20847]: debug1: monitor_child_preauth: root has been authenticated by privileged process 
May 23 21:23:09 s001 sshd[20847]: debug1: monitor_read_log: child log fd closed 
May 23 21:23:09 s001 sshd[20847]: debug1: PAM: establishing credentials 
May 23 21:23:09 s001 sshd[20847]: pam_unix(sshd:session): session opened for user root by (uid=0) 
May 23 21:23:09 s001 sshd[20847]: debug1: packet_set_postauth: called 
May 23 21:23:09 s001 sshd[20847]: debug1: Entering interactive session for SSH2. 
May 23 21:23:09 s001 sshd[20847]: debug1: server_init_dispatch_20 
May 23 21:23:09 s001 sshd[20847]: debug1: server_input_channel_open: ctype session rchan 0 win 1048576 max 16384 
... deleted some initialization stufff
May 23 21:23:09 s001 sshd[20847]: Starting session: shell on pts/1 for root from 5.6.7.8 port 60276 
May 23 21:23:09 s001 sshd[20849]: debug1: Setting controlling tty using TIOCSCTTY. 
May 23 21:23:09 s001 sshd[20849]: debug1: PAM: reinitializing credentials 
May 23 21:23:09 s001 sshd[20849]: debug1: permanently_set_uid: 0/0



Apparently dolphin sends a differnt key than console ssh

See last line in first log


May 23 21:19:08 s001 sshd[20507]: Failed publickey for root from 5.6.7.8 port 59930 ssh2: RSA 74:11:....

And this line in second log


May 23 21:23:09 s001 sshd[20847]: Accepted publickey for root from 5.6.7.8 port 60276 ssh2: RSA 6c:99:21...

How can I say dolphin, for this server use this key or do I have a mess-up with my keys (I have other server with other keys, used only 2 here for example)

Yes, it looks that way.

I don’t normally use dolphin, so I’m not sure where it gets the key.

Have you tried adding the appropriate keys to ssh-agent (with the “ssh-add” command).

At least at the command line, ssh seems to try all keys that ssh-agent holds, until it finds one that works.

I don’t use ssh-agent but I’ll give it a try.
It’s not a big problem, it’s annoying though

Thanks for your help