0

I wish to connect SSH from machine1 to machine2 without password. machine2 is using Solaris 10. I generate keypairs on machine1 using user user1 and transferred the public key to machine2 under user2. (not user1).

Then I copied the contents of user1's public key into user2 ssh directory inside a file named authorized_keys.

Then I make sure my machine2 sshd_config has the following :

IgnoreRhosts no
HostbasedAuthentication yes
PasswordAuthentication no
....
PAMAuthenticationViaKBDInt yes
RSAAuthentication yes
PermitRootLogin no

But after restarting sshd (svcadm restart ssh), I cannot connect to user2 using user1 at machine1. It always goes to prompt my password. I think the ssh daemon goes to the PAMAuthenticationViaKBDInt option.

I sometimes see there are files like known_hosts and identity. are they supported in Solaris 10's version of SSH?

Any advise do whether I have done the configuration correctly? What needs to be done at machine1's ssh_config file?

Update: my user1 ssh -vvv output:

debug: server offers auth methods 'gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,hostbased'.
debug: Ssh2AuthHostBasedClient/authc-hostbased.c:595/ssh_client_auth_hostbased: Starting hostbased auth...
debug: SshConfig/sshconfig.c:3072/ssh2_parse_config_ext: Metaconfig parsing stopped at line 3.
debug: SshConfig/sshconfig.c:3364/ssh_config_read_file_ext: Read 6 params from config file.
debug: Host key pair is not specified, trying to use default 'hostkey'.
debug: SshHostKeyIO/sshhostkeyio.c:194/ssh_host_key_read_keys: Reading public host key from /etc/ssh2/hostkey                                                                           .pub
debug: SshHostKeyIO/sshhostkeyio.c:279/ssh_host_key_read_keys: Host key algorithms (from disk): ssh-dss
debug: SshSigChld/sigchld.c:238/ssh_sigchld_register: Registering handler for pid 4410.
debug: Ssh2AuthHostBasedClient/authc-hostbased.c:133/hostbased_init_pubkey: Trying "hostbased" authentication                                                                            with `ssh-dss' key.
debug: Ssh2AuthHostBasedClient/authc-hostbased.c:805/ssh_client_auth_hostkeys_initialized: Child: Execing ssh                                                                           -signer...(path: /path/to/ssh2/bin/ssh-signer2)
debug: Ssh2AuthHostBasedClient/authc-hostbased.c:448/auth_hostbased_received_packet: ssh-signer returned SSH_                                                                           AUTH_HOSTBASED_SIGNATURE
debug: server offers auth methods 'gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,hostbased'.
debug: Ssh2AuthHostBasedClient/authc-hostbased.c:667/ssh_client_auth_hostbased: Server rejected the signature                                                                           .
debug: Ssh2AuthClient/sshauthc.c:319/ssh_authc_completion_proc: Method 'hostbased' disabled.
debug: Ssh2AuthHostBasedClient/authc-hostbased.c:110/hostbased_init_pubkey: No more keys to try.
debug: ssh_pipe_stream_destroy
debug: server offers auth methods 'gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,hostbased'.
debug: Ssh2AuthPubKeyClient/authc-pubkey.c:1794/ssh_client_auth_pubkey: Starting pubkey auth...
debug: Ssh2AuthPubKeyClient/authc-pubkey.c:1751/ssh_client_auth_pubkey_agent_open_complete: Agent is not runn                                                                           ing.
debug: Ssh2AuthPubKeyClient/authc-pubkey.c:1549/ssh_client_auth_pubkey_agent_list_complete: Got 0 keys from t                                                                           he agent.
debug: SshConfig/sshconfig.c:2979/ssh2_parse_config_ext: Unable to open /users/home/user1/.ssh2/identificatio                                                                           n
debug: Ssh2AuthPubKeyClient/authc-pubkey.c:1529/ssh_client_auth_pubkey_add_candidates: Trying 0 key candidate                                                                           s.
debug: Ssh2AuthPubKeyClient/authc-pubkey.c:983/ssh_client_auth_pubkey_try_this_candidate: All keys declined b                                                                           y server, disabling method.
debug: Ssh2AuthClient/sshauthc.c:319/ssh_authc_completion_proc: Method 'publickey' disabled.
debug: server offers auth methods 'gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,hostbased'.
debug: Ssh2AuthKbdInteractiveClient/authc-kbd-interactive.c:342/ssh_client_auth_kbd_interact: Starting kbd-in                                                                           t auth...
Keyboard-interactive:
Password: debug: SshReadPass/readpass.c:198/ssh_read_passphrase: got errno 4, system error Interrupted system call

thanks

MadHatter
  • 79,770
  • 20
  • 184
  • 232
JinPangPang
  • 135
  • 6
  • check `RSAAuthentication yes` in sshd_config on the machine you are trying to connect to. – gwillie Jul 31 '15 at 05:11
  • Yes, i have the option to `yes` – JinPangPang Jul 31 '15 at 06:39
  • try verbose mode with ssh eg `ssh -vvv user@...` and see what errors are outputed – gwillie Jul 31 '15 at 06:40
  • 1
    What do your sshd logs say ? – user9517 Jul 31 '15 at 07:12
  • hi lain, at `machine1`, `warning: Hostbased authentication is DISABLED. warning: Hostname "machine1" is not a fully qualified domain name (FQDN), warning: and DefaultDomain configuration parameter is not set. Ask your warning: sysadmin to set it to the systemwide configuration file. warning: (which is /etc/ssh2/ssh2_config .)` – JinPangPang Jul 31 '15 at 07:54

0 Answers0