Dave Reed writes: >> From: "Ian Truelsen" <[EMAIL PROTECTED]> >> >> Dave Reed writes: >> >> >> > Looks to me like it's trying protocol 1 and then protocol 2. Which are >> > you trying to use? I've got it working using protocol 2. >> > >> > For protocol 2, you should have an id_dsa and an id_dsa.pub on the >> > local machine. The remote machine should have its own id_dsa and >> > id_dsa.pub files. The remote machine should have a file named >> > authorized_keys2 which contains the contents of the local machine's >> > id_dsa.pub. >> > >> > You might also try ssh -2 hostname to force protocol 2, assuming you >> > are trying to use protocol 2 and created your keys with: >> > ssh-keygen -t dsa >> > >> Okay. Set this up as you suggest, assuming that the files on the remote >> machine should be, as in the local machine, HOME/.ssh/ >> >> Here is what it looks like now: >> >> [doctor@minion1 doctor]$ ssh -2 -v dark-lord >> OpenSSH_2.9p2, SSH protocols 1.5/2.0, OpenSSL 0x0090602f >> debug1: Reading configuration data /etc/ssh/ssh_config >> debug1: Applying options for * >> debug1: Seeding random number generator >> debug1: Rhosts Authentication disabled, originating port will not be >> trusted. >> debug1: restore_uid >> debug1: ssh_connect: getuid 500 geteuid 0 anon 1 >> debug1: Connecting to dark-lord [192.168.100.1] port 22. >> debug1: temporarily_use_uid: 500/500 (e=0) >> debug1: restore_uid >> debug1: temporarily_use_uid: 500/500 (e=0) >> debug1: restore_uid >> debug1: Connection established. >> debug1: identity file /home/doctor/.ssh/id_rsa type 1 >> debug1: identity file /home/doctor/.ssh/id_dsa type 2 >> debug1: Remote protocol version 1.99, remote software version OpenSSH_2.9p2 >> debug1: match: OpenSSH_2.9p2 pat ^OpenSSH >> Enabling compatibility mode for protocol 2.0 >> debug1: Local version string SSH-2.0-OpenSSH_2.9p2 >> debug1: SSH2_MSG_KEXINIT sent >> debug1: SSH2_MSG_KEXINIT received >> debug1: kex: server->client aes128-cbc hmac-md5 none >> debug1: kex: client->server aes128-cbc hmac-md5 none >> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent >> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP >> debug1: dh_gen_key: priv key bits set: 126/256 >> debug1: bits set: 1032/2049 >> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent >> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY >> debug1: Host 'dark-lord' is known and matches the RSA host key. >> debug1: Found key in /home/doctor/.ssh/known_hosts2:1 >> debug1: bits set: 1033/2049 >> debug1: ssh_rsa_verify: signature correct >> debug1: kex_derive_keys >> debug1: newkeys: mode 1 >> debug1: SSH2_MSG_NEWKEYS sent >> debug1: waiting for SSH2_MSG_NEWKEYS >> debug1: newkeys: mode 0 >> debug1: SSH2_MSG_NEWKEYS received >> debug1: done: ssh_kex2. >> debug1: send SSH2_MSG_SERVICE_REQUEST >> debug1: service_accept: ssh-userauth >> debug1: got SSH2_MSG_SERVICE_ACCEPT >> debug1: authentications that can continue: >> publickey,password,keyboard-interactive >> debug1: next auth method to try is publickey >> debug1: try pubkey: /home/doctor/.ssh/id_rsa >> debug1: authentications that can continue: >> publickey,password,keyboard-interactive >> debug1: try pubkey: /home/doctor/.ssh/id_dsa >> debug1: authentications that can continue: >> publickey,password,keyboard-interactive >> debug1: next auth method to try is password >> doctor@dark-lord's password: >> debug1: ssh-userauth2 successful: method password >> debug1: channel 0: new [client-session] >> debug1: channel_new: 0 >> debug1: send channel open 0 >> debug1: Entering interactive session. >> debug1: client_init id 0 arg 0 >> debug1: Requesting X11 forwarding with authentication spoofing. >> debug1: channel request 0: shell >> debug1: channel 0: open confirm rwindow 0 rmax 16384 >> >> I don't seem to be getting any closer. >> >> The permissions are set to 0600 for the remote machine's id_dsa, and 0644 >> for the authorized_keys. On the local machine, the id_dsa file is set to >> 0600 and the id_dsa.pub is set to 0644. > > It's authorized_keys2 for protocol 2. > > Show us an "ls -a" of the .ssh directory of both machines. > This is the local machine:
. id_dsa identity id_rsa known_hosts2 .. id_dsa.pub identity.pub id_rsa.pub And the remote machine: . .. authorized_keys2 id_dsa id_dsa.pub id_rsa id_rsa.pub Ian. Ian Truelsen Masters program in Philosophy University of Manitoba, Winnipeg, Canada BA (Wilfrid Laurier University) Email: [EMAIL PROTECTED] Current favourite quote: "No great civilisation likes forests." K.F. O'Connor Lincoln College, Christchurch, New Zealand _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
