I'm on a Cisco 2900 router running IOS ver 15.4. I have run show ip ssh and get the following:
SSH Enabled - version 2.0
Authentication methods:publickey,keyboard-interactive,password
Authentication timeout: 120 secs; Authentication retries: 3
Minimum expected Diffie Hellman key size : 1024 bits
IOS Keys in SECSH format(ssh-rsa, base64 encoded):
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQDexiovLMJlGyTplQW4EfbzBrcOve5HCsJ0fZ4RKxJQ
0w2oWA/BEMSABV5YEWkK6lhgt5ZqupeZxYGpIZMGwQa2qKJ6KLjWqp3tW99mUGigIhNhCA84giqj03kN
Zdpb650=
I have placed the ssh-rsa line into my authorized_keys file on my Linux server. I have tested that password-less authentication works starting from a different Linux server and logging into the target server.
In my sshd_config on the server, I have set PasswordAuthentication no, ChallengeResponseAuthentication no, and PubkeyAuthentication yes. I have examined the sshd log (with debug flags set) and don't see any clear error messages.
I get the following error when I try to log in with ssh -l root 10.10.34.77:
*Feb 18 22:20:50.608: %SSH-3-AUTH_METH_ERR: Server does not support
password or keyboard-interactive authentication
Because of the above error, I believe the issue is that the Cisco 2900 is not configured to attempt PubkeyAuthentication (only password and keyboard), and I can't so far figure a way to enable it. ssh -o on the 2900 only supports the numberofpasswordprompts options and I've looked through all available ip ssh ? choices when in config mode.
Can anyone confirm or deny these results? Thanks
