Suse 11 - ssh login with rsa/publickey

User_JDoe · September 11, 2008, 1:07pm

I am searching for a Howto or something similar that might help me to use ssh-publickey-logins to my Suse11-Box.

I am using it as a virtualized LAMP-server in VMWare. Password-logins are possible with putty from Windows.

I generated an 2048 bit rsa-key and stored the public part in ~/.ssh . I followed the instructions given here.

But when I try to login with putty it fails with ‘Unable to use key file (Putty SSH-2 private key)’ and falls back to simple password-authentication.

I am sure it is, as so often, only a small thing I do not see or understand, but I hope someone can help me. Thanks!

buckesfeld · September 11, 2008, 1:54pm

http://en.opensuse.org/Public_Key_Authentication

HTH
Uwe

User_JDoe · September 11, 2008, 4:22pm

I followed the linked instructions but unfortunately it does not change anything. When trying to log in from Windows using Putty (current version) it results in:

Unable to use key file "C:\Users\FOOBAR\Documents\µKEYS\WEB2\id_rsa" (OpenSSH SSH-2 private key)
Using username "FOOBAR".
Using keyboard-interactive authentication.
...

user · September 11, 2008, 5:13pm

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Putty has issues with everybody else’s SSH keys, or so I’ve found. In
every case where I was forced to do key-based authentication from
windows I either used Cygwin or else I used Putty’s tools to generate
the keys and put those on the Linux box. I’m sure there’s a sensible
reason why Putty isn’t working in this case, but I haven’t found it.

So, use Putty to generate a new public/private keypair, put the public
key on the Linux box, and see if that helps.

Good luck.

User JDoe wrote:
> I followed the linked instructions but unfortunately it does not change
> anything. When trying to log in from Windows using Putty (current
> version) it results in:
>
>
> Code:
> --------------------
> Unable to use key file “C:\Users\FOOBAR\Documents\µKEYS\WEB2\id_rsa” (OpenSSH SSH-2 private key)
> Using username “FOOBAR”.
> Using keyboard-interactive authentication.
> …
>
> --------------------
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFIyTWu3s42bA80+9kRApyyAJ4jhxdflGAfe+OqyHuV2cpYW7T0XQCfQzqi
oOBasz7kgez6yAFs+YNB8OI=
=wP6E
-----END PGP SIGNATURE-----

69_rs_ss · September 11, 2008, 5:55pm

User JDoe wrote:
> I followed the linked instructions but unfortunately it does not change
> anything. When trying to log in from Windows using Putty (current
> version) it results in:
>
>
> Code:
> --------------------
> Unable to use key file “C:\Users\FOOBAR\Documents\µKEYS\WEB2\id_rsa” (OpenSSH SSH-2 private key)
> Using username “FOOBAR”.
> Using keyboard-interactive authentication.
> …
>
> --------------------
>
>
You will need to use puttygen in order to import the key and translate
it into a ppk that putty can use. I might be able to try and get
something written up tonight if you are unable to do it by then.

69_rs_ss · September 12, 2008, 6:13am

69_rs_ss wrote:
> User JDoe wrote:
>> I followed the linked instructions but unfortunately it does not change
>> anything. When trying to log in from Windows using Putty (current
>> version) it results in:
>>
>>
>> Code:
>> --------------------
>> Unable to use key file
>> “C:\Users\FOOBAR\Documents\µKEYS\WEB2\id_rsa” (OpenSSH SSH-2 private key)
>> Using username “FOOBAR”.
>> Using keyboard-interactive authentication.
>> …
>> --------------------
>>
>>
> You will need to use puttygen in order to import the key and translate
> it into a ppk that putty can use. I might be able to try and get
> something written up tonight if you are unable to do it by then.
Here is a howto that might help.
http://www.electrictoolbox.com/putty-rsa-dsa-keys/

User_JDoe · September 12, 2008, 2:59pm

Now I generated an 2048 SSH-2 RSA Keypair with Puttygen. I copied the public part to ~/.ssh/id_rsa.pub.
-> (As root): chown FOOBAR /usr/FOOBAR/.ssh/id_rsa.pub
-> (As FOOBAR): chmod 644 ~/.ssh/id_rsa.pub
-> (As FOOBAR): chmod 700 ~/.ssh
-> (As root): rcsshd restart

But trying to log in results in:

Using username "FOOBAR".
Server refused our key
Using keyboard-interactive authentication.
Password:

OK, so I tried to import the old key (generated on the linux box) with Puttygen but it does not work either. The result is the same message as given before Any other ideas?

malcolmlewis · September 12, 2008, 3:25pm

Hi
Did you look at the link provided by Uwe? The file you need to copy the
id_rsa.pub key to is called authorized_keys…

–
Cheers Malcolm °¿° (Linux Counter #276890)
openSUSE 11.0 x86 Kernel 2.6.25.16-0.1-default
up 22:45, 1 user, load average: 0.18, 0.12, 0.09
GPU GeForce 6600 TE/6200 TE - Driver Version: 173.14.12

User_JDoe · September 12, 2008, 3:49pm

Yes I have read the linked pages.

Maybe some details will help to find the cause of my problems:

~

FOOBAR@SUSE11BOX:~> ls -al
...
drwx------ 2 FOOBAR users 4096 12. Sep 15:02 .ssh
...

~/.ssh

FOOBAR@SUSE11BOX:~/.ssh> ls -al
insgesamt 24
drwx------ 2 FOOBAR users 4096 12. Sep 15:02 .
drwxr-xr-x 9 FOOBAR users 4096 12. Sep 15:02 ..
-rw-r--r-- 1 FOOBAR users  381 12. Sep 15:02 authorized_keys
-rw------- 1 FOOBAR users 1743 12. Sep 14:51 id_rsa
-rw-r--r-- 1 FOOBAR users  381 12. Sep 14:51 id_rsa.pub
-rw-r--r-- 1 FOOBAR users  237  8. Sep 12:41 known_hosts

MD5-Hases of id_rsa.pub and authorized_keys

FOOBAR@SUSE11BOX:~/.ssh> md5sum authorized_keys id_rsa.pub
aee9818d534a80e073f94f2c1d0b0c38  authorized_keys
aee9818d534a80e073f94f2c1d0b0c38  id_rsa.pub

And of course I changed/checked the settings in /etc/ssh/sshd_config:

Protocol 2
PubkeyAuthentication yes
AuthorizedKeysFile      ~/.ssh/authorized_keys
PasswordAuthentication no
UsePAM yes
X11Forwarding yes
Subsystem       sftp    /usr/lib/ssh/sftp-server
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL

(all other lines are commented out)

The authorized_keys has not been exactly the same as id_rsa.pub before, but I tried it with a renamed copy (cp id_rsa.pub authorized_keys). Does not work although

If any other informations are helpful please let me know.

User_JDoe · September 12, 2008, 4:13pm

Just tried it again:

FOOBAR@SUSE11BOX:~/.ssh> ssh FOOBAR@SUSE11BOX "cat - >> ~/.ssh/authorized_keys"
Password:

FOOBAR@SUSE11BOX:~/.ssh> md5sum authorized_keys id_rsa.pub
b8e59a7d4020792c412da75e589ff4fc  authorized_keys
aee9818d534a80e073f94f2c1d0b0c38  id_rsa.pub

But the server (sshd restarted) still refuses the key

malcolmlewis · September 12, 2008, 4:27pm

Hi
Your authorized_keys location is incorrect, no ~/ I have never had to
change from the defaults (except on solaris OS ).


kermit-opensuse:~ # grep -v ^# /etc/ssh/sshd_config | grep -v ^$
Protocol 2
PasswordAuthentication no

UsePAM yes
X11Forwarding yes
Subsystem	sftp	/usr/lib/ssh/sftp-server
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY
LC_MESSAGES AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE
LC_MEASUREMENT AcceptEnv LC_IDENTIFICATION LC_ALL

–
Cheers Malcolm °¿° (Linux Counter #276890)
openSUSE 11.0 x86 Kernel 2.6.25.16-0.1-default
up 23:43, 3 users, load average: 0.01, 0.09, 0.19
GPU GeForce 6600 TE/6200 TE - Driver Version: 173.14.12

User_JDoe · September 12, 2008, 5:06pm

SOLVED

Thanks a lot! I commented the line “AuthorizedKeysFile …” in the sshd_config out and restarted the sshd. And now it works

RBEmerson · March 17, 2009, 5:58am

This is an older topic but I want pass along thanks for the help this topic provided. It fixed my problems, too!

venomlich · July 7, 2009, 9:53am

Hello!
Dunno, if I need to open a new theme for the same problem:
I can’t establish ssh connection with publickey (keyboard-interactive method works fine). I already read ssh manual, this theme and suse wiki (Public Key Authentication - openSUSE), may be I can’t see something obvious…

Relying on the suse community help!

So, this is my configurations:
Server-side configuration
ssh config folder

admin@server:/etc/ssh> ls -l
итого 160
-rw------- 1 root root 125811 Дек  3  2008 moduli
-rw-r--r-- 1 root root   2705 Дек  3  2008 ssh_config
-rw-r----- 1 root root   3898 Июл  7 10:53 sshd_config
-rw------- 1 root root    668 Авг 25  2008 ssh_host_dsa_key
-rw-r--r-- 1 root root    590 Авг 25  2008 ssh_host_dsa_key.pub
-rw------- 1 root root    963 Авг 25  2008 ssh_host_key
-rw-r--r-- 1 root root    627 Авг 25  2008 ssh_host_key.pub
-rw------- 1 root root   1675 Авг 25  2008 ssh_host_rsa_key
-rw-r--r-- 1 root root    382 Авг 25  2008 ssh_host_rsa_key.pub

sshd_config:

admin@server:/etc/ssh> sudo grep -v ^# /etc/ssh/sshd_config | grep -v ^$
Protocol 2
PubkeyAuthentication yes
AuthorizedKeysFile      .ssh/authorized_keys
PasswordAuthentication no

UsePAM yes
X11Forwarding yes
Subsystem       sftp    /usr/lib/ssh/sftp-server
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL

Commenting AuthorizedKeysFile does nothing - its a default value.

user .ssh folder

admin@server:~/.ssh> ls -l
итого 8
-rw------- 1 admin users 399 Июл  7 10:17 authorized_keys
-rw-r--r-- 1 admin users 221 Июл  7 11:14 known_hosts

keyfile

admin@server:~/.ssh> more authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAz61oy+Jor6KtaKCtGldpvN9SojssFAdeOMRm5q/NbuKQeIaPFpXB1EnZRzvuAqygebe3CujnJ2sV5H0n5c/7WT5Jz+JoImxj24am5Cii3Ju
fCGPr0Nn3B/V/zuiSYv01CCg9t+HupOvKuzPPa+sxXd8a5Xu0siMwGqmvoqllj7kA4gWhtD8wAZg7ba6M3P12Mk7uaAJFcJ0o4s0S7wVVFxvkOi0QA5xIv+BLl7ClNYNV3ihY3eDaWVqQA4
2krxBGgJozrLnTk8k7Xc3lHwLejyQ2s9nH4NA3weDVijyihY6eaQyaEU+84DIh13WhCTHCKy+leW61meCqMw8UR+aulQ== venomlich@alsw082

pam.d/sshd configuration

admin@server:/etc/pam.d> more sshd
#%PAM-1.0
auth     requisite      pam_nologin.so
auth     include        common-auth
account  include        common-account
password include        common-password
session  required       pam_loginuid.so
session  include        common-session

Firewall is turned off.

Client-side configuration
ssh config folder

venomlich@alsw082:/etc/ssh> ls -l
итого 160
-rw------- 1 root root 125811 Дек  3  2008 moduli
-rw-r--r-- 1 root root   2705 Июл  7 08:55 ssh_config
-rw-r----- 1 root root   4032 Июн 24 09:54 sshd_config
-rw------- 1 root root    668 Май 12 13:24 ssh_host_dsa_key
-rw-r--r-- 1 root root    605 Май 12 13:24 ssh_host_dsa_key.pub
-rw------- 1 root root    530 Май 12 13:24 ssh_host_key
-rw-r--r-- 1 root root    334 Май 12 13:24 ssh_host_key.pub
-rw------- 1 root root    887 Май 12 13:24 ssh_host_rsa_key
-rw-r--r-- 1 root root    225 Май 12 13:24 ssh_host_rsa_key.pub

ssh_config

venomlich@alsw082:/etc/ssh> grep -v ^# /etc/ssh/ssh_config | grep -v ^$
Host *
ForwardX11Trusted yes
    Protocol 2
SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
SendEnv LC_IDENTIFICATION LC_ALL

user .ssh folder

venomlich@alsw082:~/.ssh> ls -l
итого 12
-rw------- 1 venomlich users 1671 Июл  7 09:30 id_rsa
-rw-r--r-- 1 venomlich users  399 Июл  7 09:30 id_rsa.pub
-rw-r--r-- 1 venomlich users  394 Июл  7 08:26 known_hosts

id_rsa.pub is

venomlich@alsw082:~/.ssh> more id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAz61oy+Jor6KtaKCtGldpvN9SojssFAdeOMRm5q/NbuKQeIaPFpXB1EnZRzvuAqygebe3CujnJ2sV5H0n5c/7WT5Jz+JoImxj24am5Cii3Ju
fCGPr0Nn3B/V/zuiSYv01CCg9t+HupOvKuzPPa+sxXd8a5Xu0siMwGqmvoqllj7kA4gWhtD8wAZg7ba6M3P12Mk7uaAJFcJ0o4s0S7wVVFxvkOi0QA5xIv+BLl7ClNYNV3ihY3eDaWVqQA4
2krxBGgJozrLnTk8k7Xc3lHwLejyQ2s9nH4NA3weDVijyihY6eaQyaEU+84DIh13WhCTHCKy+leW61meCqMw8UR+aulQ== venomlich@alsw082

venomlich · July 7, 2009, 9:55am

Continuation…

The sshd output from server (started in debug mode on the different port)

admin@broadcom-server:~> sudo /usr/sbin/sshd -dd -D -e -p 32
debug2: load_server_config: filename /etc/ssh/sshd_config   
debug2: load_server_config: done config len = 475           
debug2: parse_server_config: config /etc/ssh/sshd_config len 475
debug1: sshd version OpenSSH_5.1p1                              
debug1: read PEM private key done: type RSA                     
debug1: private host key: #0 type 1 RSA                         
debug1: read PEM private key done: type DSA                     
debug1: private host key: #1 type 2 DSA                         
debug1: rexec_argv[0]='/usr/sbin/sshd'                          
debug1: rexec_argv[1]='-dd'                                     
debug1: rexec_argv[2]='-D'                                      
debug1: rexec_argv[3]='-e'                                      
debug1: rexec_argv[4]='-p'                                      
debug1: rexec_argv[5]='32'                                      
debug2: fd 3 setting O_NONBLOCK                                 
debug1: Bind to port 32 on 0.0.0.0.                             
Server listening on 0.0.0.0 port 32.                            
debug2: fd 4 setting O_NONBLOCK                                 
debug1: Bind to port 32 on ::.                                  
Server listening on :: port 32.                                 
debug1: Server will not fork when running in debugging mode.    
debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8         
debug2: parse_server_config: config rexec len 475               
debug1: sshd version OpenSSH_5.1p1                              
debug1: read PEM private key done: type RSA                     
debug1: private host key: #0 type 1 RSA                         
debug1: read PEM private key done: type DSA                     
debug1: private host key: #1 type 2 DSA                         
debug1: inetd sockets after dupping: 3, 3                       
Connection from 172.16.0.82 port 47087                          
debug1: Client protocol version 2.0; client software version OpenSSH_5.1
debug1: match: OpenSSH_5.1 pat OpenSSH*                                 
debug1: Enabling compatibility mode for protocol 2.0                    
debug1: Local version string SSH-2.0-OpenSSH_5.1                        
debug2: fd 3 setting O_NONBLOCK                                         
debug1: permanently_set_uid: 71/65                                      
debug1: list_hostkey_types: ssh-rsa,ssh-dss                             
debug1: SSH2_MSG_KEXINIT sent                                           
debug1: SSH2_MSG_KEXINIT received                                       
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1                                                                                                                                     
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss                                                                                                     
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr                                                                                                      
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr                                                                                                      
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96           
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96           
debug2: kex_parse_kexinit: none,zlib@openssh.com                                                                                               
debug2: kex_parse_kexinit: none,zlib@openssh.com                                                                                               
debug2: kex_parse_kexinit:                                                                                                                     
debug2: kex_parse_kexinit:                                                                                                                     
debug2: kex_parse_kexinit: first_kex_follows 0                                                                                                 
debug2: kex_parse_kexinit: reserved 0                                                                                                          
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1                                                                                                                                     
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss                                                                                                     
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr                                                                                                      
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr                                                                                                      
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96           
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96           
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib                                                                                          
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib                                                                                          
debug2: kex_parse_kexinit:                                                                                                                     
debug2: kex_parse_kexinit:                                                                                                                     
debug2: kex_parse_kexinit: first_kex_follows 0                                                                                                 
debug2: kex_parse_kexinit: reserved 0                                                                                                          
debug2: mac_setup: found hmac-md5                                                                                                              
debug1: kex: client->server aes128-cbc hmac-md5 none                                                                                           
debug2: mac_setup: found hmac-md5                                                                                                              
debug1: kex: server->client aes128-cbc hmac-md5 none                                                                                           
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received                                                                                                   
debug2: Network child is on pid 5871                                                                                                           
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent                                                                                                         
debug2: dh_gen_key: priv key bits set: 127/256                                                                                                 
debug2: bits set: 509/1024                                                                                                                     
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT                                                                                                     
debug2: bits set: 486/1024                                                                                                                     
debug2: monitor_read: 0 used once, disabling now                                                                                               
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent                                                                                                         
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: monitor_read: 4 used once, disabling now
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
debug1: userauth-request for user venomlich service ssh-connection method none
debug1: attempt 0 failures 0
debug2: parse_server_config: config reprocess config len 475
Invalid user venomlich from 172.16.0.82
debug1: Unable to open the btmp file /var/log/btmp: No such file or directory
input_userauth_request: invalid user venomlich
debug2: input_userauth_request: try method none
debug1: userauth-request for user venomlich service ssh-connection method publickey
debug1: attempt 1 failures 0
debug2: input_userauth_request: try method publickey
debug2: userauth_pubkey: disabled because of invalid user
debug2: monitor_read: 6 used once, disabling now
debug1: userauth-request for user venomlich service ssh-connection method publickey
debug1: attempt 2 failures 1
debug2: input_userauth_request: try method publickey
debug2: userauth_pubkey: disabled because of invalid user
debug1: PAM: initializing for "venomlich"
debug1: userauth-request for user venomlich service ssh-connection method keyboard-interactive
debug1: attempt 3 failures 2
debug2: input_userauth_request: try method keyboard-interactive
debug1: keyboard-interactive devs
debug1: auth2_challenge: user=venomlich devs=
debug1: kbdint_alloc: devices 'pam'
debug2: auth2_challenge_start: devices pam
debug2: kbdint_next_device: devices <empty>
debug1: auth2_challenge_start: trying authentication method 'pam'
debug1: PAM: setting PAM_RHOST to "172.16.0.82"
debug1: PAM: setting PAM_TTY to "ssh"
debug2: monitor_read: 45 used once, disabling now
debug2: monitor_read: 3 used once, disabling now
Postponed keyboard-interactive for invalid user venomlich from 172.16.0.82 port 47087 ssh2

venomlich · July 7, 2009, 9:57am

Continuation…

Client-side output of ssh connection attempt

venomlich@alsw082:~> ssh -p 32 -vv venomlich@172.16.0.130
OpenSSH_5.1p1, OpenSSL 0.9.8h 28 May 2008                
debug1: Reading configuration data /etc/ssh/ssh_config   
debug1: Applying options for *                           
debug2: ssh_connect: needpriv 0                          
debug1: Connecting to 172.16.0.130 [172.16.0.130] port 32.
debug1: Connection established.                           
debug2: key_type_from_name: unknown key type '-----BEGIN' 
debug2: key_type_from_name: unknown key type '-----END'   
debug1: identity file /home/venomlich/.ssh/id_rsa type 1  
debug1: identity file /home/venomlich/.ssh/id_dsa type -1 
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1
debug1: match: OpenSSH_5.1 pat OpenSSH*                                 
debug1: Enabling compatibility mode for protocol 2.0                    
debug1: Local version string SSH-2.0-OpenSSH_5.1                        
debug2: fd 3 setting O_NONBLOCK                                         
debug1: SSH2_MSG_KEXINIT sent                                           
debug1: SSH2_MSG_KEXINIT received                                       
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1                                                                                                                                     
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss                                                                                                     
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr                                                                                                      
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr                                                                                                      
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96           
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96           
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib                                                                                          
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib                                                                                          
debug2: kex_parse_kexinit:                                                                                                                     
debug2: kex_parse_kexinit:                                                                                                                     
debug2: kex_parse_kexinit: first_kex_follows 0                                                                                                 
debug2: kex_parse_kexinit: reserved 0                                                                                                          
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1                                                                                                                                     
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss                                                                                                     
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr                                                                                                      
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr                                                                                                      
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96           
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96           
debug2: kex_parse_kexinit: none,zlib@openssh.com                                                                                               
debug2: kex_parse_kexinit: none,zlib@openssh.com                                                                                               
debug2: kex_parse_kexinit:                                                                                                                     
debug2: kex_parse_kexinit:                                                                                                                     
debug2: kex_parse_kexinit: first_kex_follows 0                                                                                                 
debug2: kex_parse_kexinit: reserved 0                                                                                                          
debug2: mac_setup: found hmac-md5                                                                                                              
debug1: kex: server->client aes128-cbc hmac-md5 none                                                                                           
debug2: mac_setup: found hmac-md5                                                                                                              
debug1: kex: client->server aes128-cbc hmac-md5 none                                                                                           
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 146/256
debug2: bits set: 486/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: checking without port identifier
debug1: Host '172.16.0.130' is known and matches the RSA host key.
debug1: Found key in /home/venomlich/.ssh/known_hosts:1
debug1: found matching key w/out port
debug2: bits set: 509/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/venomlich/.ssh/id_rsa (0xb7fdcff0)
debug2: key: /home/venomlich/.ssh/id_rsa (0xb7fda578)
debug2: key: /home/venomlich/.ssh/id_dsa ((nil))
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering public key: /home/venomlich/.ssh/id_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Offering public key: /home/venomlich/.ssh/id_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Trying private key: /home/venomlich/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 1
Password:

So the problem is that on server-side venomlich is invalid user. But WHY?!?!

Really looking forward any ideas

venomlich · July 7, 2009, 1:55pm

Already found everything by myself

Was really obvious thing - I just placed publickey to wrong place - in the servers ‘admin’ home directory, not in ‘venomlich’ home directory

**** it