1

I'm trying to connect to my iMac (server) from my macbook (client) on my LAN. Both have Mac OS X 10.6.4. Server running on a new clean install of the OS. When just activating Remote Login in System Preferences everything works fine. But when setting up ssh to only work with public/private key I get the following error messages from the server log depending on if I use a rsa passphrase or not:

  • With passphrase (case 1):

    PAM: user account has expired for <myServerUserName> from 192.168.X.X via 192.168.X.Y

  • Without passphrase (case 2):

    Failed publickey for <myServerUserName> from 192.168.X.X port AAAAA ssh2

This is my setup algorithm:

  • Create a private and public key on client with command ssh-keygen -t rsa. In case 1 I also set a passphrase.
  • Move the id_rsa.pub to the server path /Users/<myServerUserName>/.ssh/
  • In this folder I execute cat id_rsa.pub > authorized_keys
  • Making sure Remote Login isn't active, I now execute sudo /usr/sbin/sshd -d on the server.
  • Back on the client I now type ssh -v -v -v <myServerUserName>@192.168.X.Y and get prompted to accept RSA key fingerprint. This is NOT the same fingerprint as the one from when I created the private/public key (should it be?). I accept.
  • Depending on case:
    • CASE 1: Client gets halted for password and the response is permission denied even though correct password is given. Back on the server I can read the error message I stated above for case 1: PAM: user account has expired...
    • CASE 2: Client gets message Connection closed by 192.168.X.Y. Back on the server I can read the error message I stated above for case 2: Failed publickey...

What could possibly cause this?

Chealion
  • 5,733
  • 28
  • 29
bennedich
  • 111
  • 4
  • 2
    Is there a reason you're starting `sshd` via the command-line? Have you modified `/etc/sshd_config` or `/etc/pam.d/sshd` ? Your "CASE 1" example looks like the user you're trying to connect with isn't valid. – medina Jul 11 '10 at 15:05
  • Have you double checked the permissions / mode of the authorized_keys file? – ForgeMan Jul 11 '10 at 16:22
  • @medina: Yeah, I wanted to see the log. I've tried starting ssh from `System Preferences/Sharing` and the results are the same. I have tried modifying `/etc/sshd_config`, but I haven't made any changes to `/etc/pam.d/sshd` yet. I'm not 100% sure what to do, I'm kinda new to this. @ForgeMan: Do you mean by just typing `ls -l`? What permissions should be set? – bennedich Jul 11 '10 at 16:57

1 Answers1

0

Just a couple of hints, I have had to set the identity file (rsa private/public key) as filename identity and identity.pub on MacOSX. I am pretty sure this is the default name.

You can specify the filename when using the ssh command, by using 'ssh -i /home/username/.ssh/id_rsa user@host' in your case and this should always work. It is the best way to determine if the default filename is the problem.

Andrew Lowe
  • 206
  • 1
  • 3