On Tue, Jan 05, 2016 at 11:49:54AM -0500, rvclayton@acm.org wrote:
I'm running $ lsb_release -a No LSB modules are available. Distributor ID: Debian Description: Debian GNU/Linux testing-updates (sid) Release: testing-updates Codename: sid $ uname -a Linux BanjaLuka 4.3.0-1-686-pae #1 SMP Debian 4.3.3-2 (2015-12-17) i686 GNU/Linux $ and after the most recent (dist-)upgrade $ grep ssh 160103 mesa-vdpau-drivers multiarch-support nodejs openssh-client openssh-server openssh-sftp-server openssl p11-kit p11-kit-modules perl perl-base perl-doc Preparing to unpack .../openssh-sftp-server_1%3a7.1p1-5_i386.deb ... Unpacking openssh-sftp-server (1:7.1p1-5) over (1:6.9p1-3) ... Preparing to unpack .../openssh-server_1%3a7.1p1-5_i386.deb ... Unpacking openssh-server (1:7.1p1-5) over (1:6.9p1-3) ... Preparing to unpack .../openssh-client_1%3a7.1p1-5_i386.deb ... Unpacking openssh-client (1:7.1p1-5) over (1:6.9p1-3) ... Setting up openssh-client (1:7.1p1-5) ... Installing new version of config file /etc/ssh/moduli ... Setting up openssh-sftp-server (1:7.1p1-5) ... Setting up openssh-server (1:7.1p1-5) ... $ I find that I can no longer just ssh hostname into a system, I have to give a password $ ssh burkinafaso rclayton@burkinafaso's password: ^C $ Before the upgrade, I used to ssh into a system without supplying a password. I get the same behavior independent of the host on the other end (another testing system, freebsd, or centos). Re-installing the (unchanged) ssh key via ssh-copy-id doesn't fix anything. How do I recover the ssh behavior I had before the upgrade?
To debug the problem, you can try running "ssh -v burkinafaso" to confirm that your client is sending the key correctly. Next up, you can try "sudo /usr/bin/sshd -d -p 2222" on the server, then "ssh -p 2222 burkinafaso"; that will create a one-shot, non-forking sshd on the server (in other words, logs will appear at the server terminal and, once the connection finishes, that instance will stop). See if the server explains why it's rejecting your key.
Possible reasons include: the format of your key is no longer supported by the SSHD (read the changelog for anything that might be relevant), either the public or the private key is unreadable etc.
-- For more information, please reread.
Attachment:
signature.asc
Description: PGP signature