One thing to look out for is if the Linux servers have UseDNS on in their sshd_config, if they do, they will try to do a reverse IP lookup on you, and if they can't find you, they delay your connection.
Also try making sure that SSHd is enabled. That's a dumb problem that I've encountered once or twice. " 'With the first link, the chain is forged. The first speech censured, the first thought forbidden, the first freedom denied, chains us all irrevocably.' Those words were uttered by Judge Aaron Satie as wisdom and warning... The first time any man's freedom is trodden on, we’re all damaged." - Jean-Luc Picard, quoting Judge Aaron Satie, Star Trek: TNG episode "The Drumhead" - Alex Smith - Dulles, Virginia On Thu, Jul 2, 2015 at 12:41 AM, Andrew Farnsworth <[email protected]> wrote: > The issue is that I am trying to login as a regular user user keys, and it > isn't letting me in. They have the root user able to connect from another > linux box on the network and it works fine. It is connecting to the RHEL > box from my laptop (windows) which is running putty that isn't working. > Nor is connecting from one server to another as the user working. Once I > get it figured out I'll post what the issue was to help share the knowledge. > > Andy F > > On Thu, Jul 2, 2015 at 12:37 AM, Alex Smith (K4RNT) < > [email protected]> wrote: > >> You could change PermitRootLogin to without-password, that would allow >> SSH keys only, from what I remember. >> >> I might be wrong. Check sshd_config man page for verification. >> >> " 'With the first link, the chain is forged. The first speech censured, >> the first thought forbidden, the first freedom denied, chains us all >> irrevocably.' Those words were uttered by Judge Aaron Satie as wisdom and >> warning... The first time any man's freedom is trodden on, we’re all >> damaged." - Jean-Luc Picard, quoting Judge Aaron Satie, Star Trek: TNG >> episode "The Drumhead" >> - Alex Smith >> - Dulles, Virginia >> >> On Thu, Jul 2, 2015 at 12:19 AM, Andrew Farnsworth <[email protected]> >> wrote: >> >>> So i checked the config file and it is set to use the GSSAPIAuthentication >>> but >>> we are able to use keys from another server on the network to allow remote >>> root login. Unfortunately I am not the admin of the machine so, while I >>> have root access, I hesitate to make a change like this that may lock out >>> the regular maintenance access. Our Sr Sys Admin is in tomorrow so I will >>> ask him how he got the ssh keys working for root. >>> >>> Thanks! >>> >>> Andy >>> >>> On Thu, Jul 2, 2015 at 12:08 AM, Tilghman Lesher <[email protected]> >>> wrote: >>> >>>> RedHat likes configuring options that work perfectly in a homogenous >>>> network of all RedHat machines. The problem is that if you have >>>> _other_ machines in your network, some of those options don't play >>>> nicely. >>>> >>>> On Wed, Jul 1, 2015 at 9:22 PM, Alex Smith (K4RNT) >>>> <[email protected]> wrote: >>>> > That's a new one to me, having to turn off Kerberos when the system >>>> isn't >>>> > even configured for it. >>>> > >>>> > I'll keep that in mind though, thanks for the info Tilghman. >>>> > >>>> > " 'With the first link, the chain is forged. The first speech >>>> censured, the >>>> > first thought forbidden, the first freedom denied, chains us all >>>> > irrevocably.' Those words were uttered by Judge Aaron Satie as wisdom >>>> and >>>> > warning... The first time any man's freedom is trodden on, we’re all >>>> > damaged." - Jean-Luc Picard, quoting Judge Aaron Satie, Star Trek: TNG >>>> > episode "The Drumhead" >>>> > - Alex Smith >>>> > - Dulles, Virginia >>>> > >>>> > On Wed, Jul 1, 2015 at 9:40 PM, Tilghman Lesher <[email protected] >>>> > >>>> > wrote: >>>> >> >>>> >> It's RedHat, which means you have to tweak the sshd_config file, to >>>> >> turn off Kerberos authentication. When you turn that off, key-based >>>> >> authentication works perfectly. Specifically, you want to set: >>>> >> >>>> >> GSSAPIAuthentication off >>>> >> >>>> >> On Wed, Jul 1, 2015 at 4:56 PM, Andrew Farnsworth <[email protected] >>>> > >>>> >> wrote: >>>> >> > Evening everyone, >>>> >> > I'm struggling with SSH keys again. I generated a key pair and >>>> put >>>> >> > the >>>> >> > public key on the server and the private key on my laptop. I >>>> configured >>>> >> > Putty to use the private key file and have copied the public key >>>> to the >>>> >> > ~/.ssh/authorized_keys and ~/.ssh/authorized_keys2 file, set the >>>> >> > permissions >>>> >> > to 700 and 600 on the .ssh and authorized_keys/keys2 files. I >>>> still get >>>> >> > a >>>> >> > "server refused our key" message when trying to login and it then >>>> >> > prompts >>>> >> > for password. >>>> >> > >>>> >> > note: I tried generating keys using the putty keygen and using the >>>> >> > keygen on >>>> >> > the linux server. >>>> >> > >>>> >> > OS is RHEL 6.6 >>>> >> > >>>> >> > Any idea where I am going wrong? >>>> >> > >>>> >> > Andy >>>> >> > >>>> >> > -- >>>> >> > -- >>>> >> > You received this message because you are subscribed to the Google >>>> >> > Groups >>>> >> > "NLUG" group. >>>> >> > To post to this group, send email to [email protected] >>>> >> > To unsubscribe from this group, send email to >>>> >> > [email protected] >>>> >> > For more options, visit this group at >>>> >> > http://groups.google.com/group/nlug-talk?hl=en >>>> >> > >>>> >> > --- >>>> >> > You received this message because you are subscribed to the Google >>>> >> > Groups >>>> >> > "NLUG" group. >>>> >> > To unsubscribe from this group and stop receiving emails from it, >>>> send >>>> >> > an >>>> >> > email to [email protected]. >>>> >> > For more options, visit https://groups.google.com/d/optout. >>>> >> >>>> >> >>>> >> >>>> >> -- >>>> >> Tilghman >>>> >> >>>> >> -- >>>> >> -- >>>> >> You received this message because you are subscribed to the Google >>>> Groups >>>> >> "NLUG" group. >>>> >> To post to this group, send email to [email protected] >>>> >> To unsubscribe from this group, send email to >>>> >> [email protected] >>>> >> For more options, visit this group at >>>> >> http://groups.google.com/group/nlug-talk?hl=en >>>> >> >>>> >> --- >>>> >> You received this message because you are subscribed to the Google >>>> Groups >>>> >> "NLUG" group. >>>> >> To unsubscribe from this group and stop receiving emails from it, >>>> send an >>>> >> email to [email protected]. >>>> >> For more options, visit https://groups.google.com/d/optout. >>>> > >>>> > >>>> > -- >>>> > -- >>>> > You received this message because you are subscribed to the Google >>>> Groups >>>> > "NLUG" group. >>>> > To post to this group, send email to [email protected] >>>> > To unsubscribe from this group, send email to >>>> > [email protected] >>>> > For more options, visit this group at >>>> > http://groups.google.com/group/nlug-talk?hl=en >>>> > >>>> > --- >>>> > You received this message because you are subscribed to the Google >>>> Groups >>>> > "NLUG" group. >>>> > To unsubscribe from this group and stop receiving emails from it, >>>> send an >>>> > email to [email protected]. >>>> > For more options, visit https://groups.google.com/d/optout. >>>> >>>> >>>> >>>> -- >>>> Tilghman >>>> >>>> -- >>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "NLUG" group. >>>> To post to this group, send email to [email protected] >>>> To unsubscribe from this group, send email to >>>> [email protected] >>>> For more options, visit this group at >>>> http://groups.google.com/group/nlug-talk?hl=en >>>> >>>> --- >>>> You received this message because you are subscribed to the Google >>>> Groups "NLUG" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> For more options, visit https://groups.google.com/d/optout. >>>> >>> >>> -- >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "NLUG" group. >>> To post to this group, send email to [email protected] >>> To unsubscribe from this group, send email to >>> [email protected] >>> For more options, visit this group at >>> http://groups.google.com/group/nlug-talk?hl=en >>> >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "NLUG" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> For more options, visit https://groups.google.com/d/optout. >>> >> >> -- >> -- >> You received this message because you are subscribed to the Google Groups >> "NLUG" group. >> To post to this group, send email to [email protected] >> To unsubscribe from this group, send email to >> [email protected] >> For more options, visit this group at >> http://groups.google.com/group/nlug-talk?hl=en >> >> --- >> You received this message because you are subscribed to the Google Groups >> "NLUG" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> For more options, visit https://groups.google.com/d/optout. >> > > -- > -- > You received this message because you are subscribed to the Google Groups > "NLUG" group. > To post to this group, send email to [email protected] > To unsubscribe from this group, send email to > [email protected] > For more options, visit this group at > http://groups.google.com/group/nlug-talk?hl=en > > --- > You received this message because you are subscribed to the Google Groups > "NLUG" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- -- You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en --- You received this message because you are subscribed to the Google Groups "NLUG" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
