PublicKey authentification for ssh

Instead of using a password I´d like to use a public key (DSA) to authenticate for ssh.

You would say "no big deal" - so that is what I said, too - but it is :-)

Here is my /etc/sshd_config:

asl:/home/login/.ssh # cat /etc/sshd_config
# This is ssh server systemwide configuration file.

Port 22
ListenAddress 0.0.0.0
HostKey /etc/ssh/ssh_host_key
HostDSAKey /etc/ssh/ssh_host_dsa_key
ServerKeyBits 768
LoginGraceTime 600
KeyRegenerationInterval 3600
PermitRootLogin no
StrictModes yes
X11Forwarding no
X11DisplayOffset 10
PrintMotd yes
KeepAlive yes
UseLogin no
#UsePrivilegeSeparation yes
#
# Loglevel replaces QuietMode and FascistLogging
#
SyslogFacility AUTHPRIV
#LogLevel VERBOSE
LogLevel DEBUG

#
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#
RhostsRSAAuthentication no

#
# Don't read ~/.rhosts and ~/.shosts files
#
IgnoreRhosts yes
RhostsAuthentication no

#
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#
#IgnoreUserKnownHosts yes

RSAAuthentication yes
AuthorizedKeysFile      .ssh/authorized_keys2  port 3206
2004-Jan 13 21:54:16 (none) sshd[10032]: debug1: Client protocol version 2.0; client software version PuTTY-Release-0.53b
2004-Jan 13 21:54:16 (none) sshd[10032]: debug1: no match: PuTTY-Release-0.53b
2004-Jan 13 21:54:16 (none) sshd[10032]: debug1: Enabling compatibility mode for protocol 2.0
2004-Jan 13 21:54:16 (none) sshd[10032]: debug1: Local version string SSH-1.99-OpenSSH_3.7.1p1_ASL
2004-Jan 13 21:54:18 (none) sshd[10032]: Failed none for loginuser from  port 3206 ssh2
2004-Jan 13 21:54:18 (none) sshd[10032]: debug1: temporarily_use_uid: 100/100 (e=0/0)
2004-Jan 13 21:54:18 (none) sshd[10032]: debug1: trying public key file /home/login/.ssh/authorized_keys2
2004-Jan 13 21:54:18 (none) sshd[10032]: debug1: restore_uid: 0/0
2004-Jan 13 21:54:18 (none) sshd[10032]: debug1: temporarily_use_uid: 100/100 (e=0/0)
2004-Jan 13 21:54:18 (none) sshd[10032]: debug1: trying public key file /home/login/.ssh/authorized_keys2
2004-Jan 13 21:54:18 (none) sshd[10032]: debug1: restore_uid: 0/0

Does somebody know if there is a issue about putty and the openssh version on ASL or is the ASL openssh not compiled "right"?

techno.kid

Parents

0 Taharqa over 21 years ago

Did you check your permissions on the authorized_keys file ? Only the user should have acces to it. Can be corrected by a chmod 600 .ssh/authorized_keys2 when in your homedir. BTW, I would also be a good idea to add Protocol 2 after your Port 22 line as this would force the server to only work in SSH2 as SSH1 is vulnerable. HTH
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 Taharqa over 21 years ago

Did you check your permissions on the authorized_keys file ? Only the user should have acces to it. Can be corrected by a chmod 600 .ssh/authorized_keys2 when in your homedir. BTW, I would also be a good idea to add Protocol 2 after your Port 22 line as this would force the server to only work in SSH2 as SSH1 is vulnerable. HTH
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

0 techno.kid over 21 years ago in reply to Taharqa

Yes, I did - 600 doesn´t help :-(

Maybe someone from Astaro can put some information on this issue in here?

techno.kid
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 cyclops over 21 years ago in reply to Taharqa

check /var/log/auth or daemon - possibly you'll find some more information.

Greeetings
cyclops
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel