[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

woody openssh quandary



The mailserver at my work has both ssh and ssh2 installed. I do not have any problem using ssh with a key generated with "ssh-keygen" on my woody box at home to check my mail at work. I figured I would try dsa though, and that's where I have problems.

If I use "ssh-keygen -t dsa" at home to generate "id_dsa.pub" and then moving it over to "authorized_keys2" on "~/.ssh" at the server at work. When logging in with ssh, I get a prompt for my password, rather than my passphrase. The same happens if I generate "id_rsa.pub" at home and append it to "authorized_keys2" on the server at work. I have also tried appending "id_dsa.pub" to "authorized_keys", and to "authorized_keys2" in a .ssh2 subdirectory at work, but it still behaves the same.

Any suggestions would be appreciated.
Thanks,
Glen
P.S. Heres the verbose output when I try to login (I just changed the server name):

OpenSSH_2.9p2, SSH protocols 1.5/2.0, OpenSSL 0x0090602f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Seeding random number generator
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 1000 geteuid 0 anon 1
debug1: Connecting to mymailserver.edu [xxx.xxx.xxx.xx] port 22.
debug1: temporarily_use_uid: 1000/1000 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 1000/1000 (e=0)
debug1: restore_uid
debug1: Connection established.
debug1: read PEM private key done: type DSA
debug1: read PEM private key done: type RSA
debug1: identity file /home/glen/.ssh/identity type -1
debug1: identity file /home/glen/.ssh/id_rsa type -1
debug1: identity file /home/glen/.ssh/id_dsa type 2
debug1: Remote protocol version 1.99, remote software version 2.1.0 SSH Secure Shell (non-commercial)
debug1: match: 2.1.0 SSH Secure Shell (non-commercial) pat ^2\.1\.0
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_2.9p2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client 3des-cbc hmac-md5 none
debug1: kex: client->server 3des-cbc hmac-md5 none
debug1: dh_gen_key: priv key bits set: 188/384
debug1: bits set: 504/1024
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
debug1: Host 'mymailserver.edu' is known and matches the DSA host key.
debug1: Found key in /home/glen/.ssh/known_hosts2:1
debug1: bits set: 495/1024
debug1: len 40 datafellows 73813
debug1: ssh_dss_verify: signature correct
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue: publickey,password
debug1: next auth method to try is publickey
debug1: try privkey: /home/glen/.ssh/identity
debug1: try privkey: /home/glen/.ssh/id_rsa
debug1: try pubkey: /home/glen/.ssh/id_dsa
debug1: authentications that can continue: publickey,password
debug1: next auth method to try is password

.....the login works ok with my regular password.



Reply to: