[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Savannah-users] SSH key change seems ineffectual
From: |
Steve White |
Subject: |
Re: [Savannah-users] SSH key change seems ineffectual |
Date: |
Sat, 7 Apr 2018 01:22:42 +0200 |
Hi, I guess it's OK to send the results of your second test.
Something clearly goes haywire with the RSA offering, but I don't know why.
I've used this system to ssh to other machines locally and remotely --
this is the first problem I've seen.
ssh -v address@hidden hostname
OpenSSH_7.2p2 Ubuntu-4ubuntu2.4, OpenSSL 1.0.2g 1 Mar 2016
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to cvs.savannah.gnu.org [208.118.235.201] port 22.
debug1: Connection established.
debug1: identity file /home/swhite/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /home/swhite/.ssh/id_rsa-cert type -1
debug1: identity file /home/swhite/.ssh/id_dsa type 2
debug1: key_load_public: No such file or directory
debug1: identity file /home/swhite/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/swhite/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/swhite/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/swhite/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/swhite/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.4
debug1: Remote protocol version 2.0, remote software version
OpenSSH_6.6.1p1 Trisquel_GNU/linux_7.0-1
debug1: match: OpenSSH_6.6.1p1 Trisquel_GNU/linux_7.0-1 pat
OpenSSH_6.6.1* compat 0x04000000
debug1: Authenticating to cvs.savannah.gnu.org:22 as 'Stevan_White'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: address@hidden
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: address@hidden MAC:
<implicit> compression: none
debug1: kex: client->server cipher: address@hidden MAC:
<implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256
SHA256:qRLLJ4w/GAeiDyYnbx4yWJbZXwGiYYxgNty7lAfUyuM
debug1: Host 'cvs.savannah.gnu.org' is known and matches the ECDSA host key.
debug1: Found key in /home/swhite/.ssh/known_hosts:9
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS received
debug1: Skipping ssh-dss key /home/swhite/.ssh/id_dsa - not in
PubkeyAcceptedKeyTypes
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/swhite/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/swhite/.ssh/id_ecdsa
debug1: Trying private key: /home/swhite/.ssh/id_ed25519
debug1: Next authentication method: password
On Sat, Apr 7, 2018 at 12:57 AM, Bob Proulx <address@hidden> wrote:
> Hi Steve,
>
>> I am trying to do commits from a new machine. I added its SSH public
>> RSA key on the Savannah web page (for GNU FreeFont project), but for
>> hours, neither SVN nor CVS works for me. Both are asking for a
>> password.
>
> Looking in the logs doesn't show anything obvious. Seems like it
> should be working. I looked quickly at your ssh keys in the database
> and they looked okay. Since you say you are working from a new
> machine then I suspect something there. Perhaps permissions. Usually
> permissions must not be group writable anywhere up the directory tree
> for example so be sure to check permissions.
>
>> Have i forgotten something? Or do key changes have to be authorized
>> by somebody?
>
> Things should be working. Try this as a simple test.
>
> $ ssh address@hidden hostname
>
> You should see:
>
> You tried to execute: hostname
> Sorry, you are not allowed to execute that command.
>
> That means things are working. But you might be seeing something
> else. If so and the reason isn't obvious then try:
>
> ssh -v address@hidden hostname
>
> You should see something like (this is from me):
>
> debug1: Next authentication method: publickey
> debug1: Offering public key: RSA
> SHA256:ny9SZmnnLpUeTcmzt+pVpoxdH39AntZ+8Cb33tmCLzQ /home/rwp/.ssh/id_rsa
> debug1: Server accepts key: pkalg ssh-rsa blen 279
>
> If you don't then something is wrong with the public key offer.
> Either permissions or something.
>
> Bob
>