Gavin W. Burris on 20 Oct 2011 11:18:22 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Setting up SSH public key on OSX


Do this on both sides:
$ chmod -R go= ~/.ssh

And make sure the keys in your remote ~/.ssh/authorized_keys file do not
have line breaks in them.

Also, did you run ssh-add on the client?

Cheers.

On 10/20/2011 02:13 PM, Paul Walker wrote:
> Ugh can't find the sshd log on OSX
> 
> On Thu, Oct 20, 2011 at 2:01 PM, David Coulson <david@davidcoulson.net
> <mailto:david@davidcoulson.net>> wrote:
> 
>     where is the sshd log from the remote side? That is more useful.
> 
> 
>     On 10/20/11 1:56 PM, Paul Walker wrote:
>>     It appears from this debugging info that validation indeed occurs,
>>     however the remote end is still prompting for a password...
>>
>>     OpenSSH_5.2p1, OpenSSL 0.9.8l 5 Nov 2009
>>     debug1: Reading configuration data /etc/ssh_config
>>     debug1: Connecting to hostname.com <http://hostname.com> [IP] port 22.
>>     debug1: Connection established.
>>     debug1: identity file /Users/user/.ssh/identity type -1
>>     debug1: identity file /Users/user/.ssh/id_rsa type -1
>>     debug1: identity file /Users/user/.ssh/id_dsa type 2
>>     debug1: Remote protocol version 2.0, remote software version
>>     OpenSSH_5.3p1 Debian-3ubuntu7
>>     debug1: match: OpenSSH_5.3p1 Debian-3ubuntu7 pat OpenSSH*
>>     debug1: Enabling compatibility mode for protocol 2.0
>>     debug1: Local version string SSH-2.0-OpenSSH_5.2
>>     debug1: SSH2_MSG_KEXINIT sent
>>     debug1: SSH2_MSG_KEXINIT received
>>     debug1: kex: server->client aes128-ctr hmac-md5 none
>>     debug1: kex: client->server aes128-ctr hmac-md5 none
>>     debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
>>     debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
>>     debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
>>     debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
>>     debug1: Host 'hostname.com <http://hostname.com>' is known and
>>     matches the RSA host key.
>>     debug1: Found key in /Users/user/.ssh/known_hosts:5
>>     debug1: ssh_rsa_verify: signature correct
>>     debug1: SSH2_MSG_NEWKEYS sent
>>     debug1: expecting SSH2_MSG_NEWKEYS
>>     debug1: SSH2_MSG_NEWKEYS received
>>     debug1: SSH2_MSG_SERVICE_REQUEST sent
>>     debug1: SSH2_MSG_SERVICE_ACCEPT received
>>     debug1: Authentications that can continue: publickey,password
>>     debug1: Next authentication method: publickey
>>     debug1: Trying private key: /Users/user/.ssh/identity
>>     debug1: Trying private key: /Users/user/.ssh/id_rsa
>>     debug1: Offering public key: /Users/user/.ssh/id_dsa
>>     debug1: Authentications that can continue: publickey,password
>>     debug1: Next authentication method: password
>>
>>
>>     On Thu, Oct 20, 2011 at 1:33 PM, Jeff Bailey
>>     <skydiver38@verizon.net <mailto:skydiver38@verizon.net>> wrote:
>>
>>         Yes, put the public key in the remote machine's
>>         authorized_keys file... 
>>          
>>          
>>         On 10/20/11, Matt Berlin<arkestra@gmail.com
>>         <mailto:arkestra@gmail.com>> wrote:
>>         I think pub goes on the remote machine -- but i'm not sure.
>>
>>         Matthew Berlin
>>         arkestra@gmail.com <mailto:arkestra@gmail.com>
>>         535 Misty Patch Rd.
>>         Coatesville, PA 19320
>>         (484) 832-1055 <tel:%28484%29%20832-1055>[Call: (484)
>>         832-1055] <#133227f37d2fcedc_13322655b150f517_>
>>
>>
>>
>>         On Thu, Oct 20, 2011 at 12:37 PM, Paul Walker
>>         <starsinmypockets@gmail.com
>>         <mailto:starsinmypockets@gmail.com>> wrote:
>>
>>             I'm trying to set up a public key to connect to SSH using
>>             public key authentication to improve my Git workflow.... 
>>
>>             The remote server is Ubuntu 10.0.4.
>>             I generate the keys with the command:
>>
>>                 ssh-keygen -t rsa -C "root@mydomain.com
>>                 <mailto:root@mydomain.com>"
>>
>>
>>             press return three times, then am pasting the contents of
>>              id_rsa.pub into a newly created authorized_keys file in
>>             ~/.ssh/ on my local machine running OSX... 
>>
>>             This isn't working.
>>
>>             Anyone familiar with the configuration on OSX / Ubuntu can
>>             tell me what's wrong or point me in the right direction
>>
>>             Thanks in advance
>>
>>             Paul
>>
>>             ___________________________________________________________________________
>>             Philadelphia Linux Users Group         --      
>>              http://www.phillylinux.org <http://www.phillylinux.org/>
>>             Announcements -
>>             http://lists.phillylinux.org/mailman/listinfo/plug-announce
>>             General Discussion  --  
>>             http://lists.phillylinux.org/mailman/listinfo/plug
>>
>>
>>
>>         ------------------------------------------------------------------------
>>
>>         ___________________________________________________________________________
>>         Philadelphia Linux Users Group -- http://www.phillylinux.org
>>         <http://www.phillylinux.org/>
>>         Announcements -
>>         http://lists.phillylinux.org/mailman/listinfo/plug-announce
>>         General Discussion --
>>         http://lists.phillylinux.org/mailman/listinfo/plug
>>
>>         ___________________________________________________________________________
>>         Philadelphia Linux Users Group         --      
>>          http://www.phillylinux.org
>>         Announcements -
>>         http://lists.phillylinux.org/mailman/listinfo/plug-announce
>>         General Discussion  --  
>>         http://lists.phillylinux.org/mailman/listinfo/plug
>>
>>
>>
>>
>>     ___________________________________________________________________________
>>     Philadelphia Linux Users Group         --        http://www.phillylinux.org
>>     Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
>>     General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
> 
>     ___________________________________________________________________________
>     Philadelphia Linux Users Group         --      
>      http://www.phillylinux.org
>     Announcements -
>     http://lists.phillylinux.org/mailman/listinfo/plug-announce
>     General Discussion  --  
>     http://lists.phillylinux.org/mailman/listinfo/plug
> 
> 
> 
> 
> ___________________________________________________________________________
> Philadelphia Linux Users Group         --        http://www.phillylinux.org
> Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
> General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

-- 
Gavin W. Burris
Senior Systems Programmer
Information Security and Unix Systems
School of Arts and Sciences
University of Pennsylvania
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug