0

I uploaded my public key and tried to ssh to one of my site nodes. But each time I am getting permission denied. Log information is attached.

OpenSSH_6.1p1 Debian-4, OpenSSL 1.0.1c 10 May 2012
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to planetlab2.utdallas.edu [129.110.125.52] port 22.
debug1: Connection established.
debug1: identity file /home/nazim/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /home/nazim/.ssh/id_rsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.7
debug1: match: OpenSSH_4.7 pat OpenSSH_4*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.1p1 Debian-4
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT recenter code hereeived
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA 25:a2:cc:c4:e7:e6:ea:ba:96:6d:a9:06:c9:58:41:c7
debug1: Host 'planetlab2.utdallas.edu' is known and matches the RSA host key.
debug1: Found key in /home/nazim/.ssh/known_hosts:6
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/nazim/.ssh/id_rsa
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: No more authentication methods to try.
Permission denied (publickey,keyboard-interactive).

Please help me if you know what is going wrong.

Thanks, Nazim

Nazim
  • 3
  • 1
  • 2

1 Answers1

0

Try checking permissions on the destination machine. This is the biggest source of confusion. The requirements depend on /etc/ssh/sshd_conf, but by try:

/home/nazim must *not* be world executable (this actually bit me once!).
/home/nazim/.ssh must be chmod 700.
kovacsbv
  • 351
  • 4
  • 11
  • Changed the permissions of the directories. But still getting it. Do I need to change anything in /etc/ssh/sshd_conf ? – Nazim Aug 26 '13 at 18:30
  • The actual authorized_keys file has to be 600. You did save your public key as authorized_keys, right? – kovacsbv Aug 27 '13 at 19:35
  • I don't recommend changing sshd_conf unless there is a compelling reason. – kovacsbv Aug 29 '13 at 13:25
  • I generated the keys with the following command: ssh-keygen -t rsa -f ~/.ssh/id_rsa Then i just uploaded the public key(id_rsa.pub) without changing the permission. After that, I changed the permission of private key to 600. Please tell me what else I need to do. – Nazim Aug 29 '13 at 14:38
  • Ok. The keys normally reside on the *originating/client* host. You will have both, and the private key is what you need for an outgoing connection to the destination. On the *destination/server* machine, place your public key in a file called ~/.ssh/authorized_keys. This means you must rename your public key file *on the destination/server* to authorized_keys and chmod 600 the file, along with chmod 700 ~ and chmod 700 ~/.ssh. – kovacsbv Aug 30 '13 at 15:43
  • In planet-lab, they have a web interface to upload the public key. Using the web interface, I can upload the key. I don't have access in the server machine. So, I can't change the permission of those folders. I changed the keys permission 600 and folders(~ and .ssh) permission to 700 in client machine. – Nazim Aug 30 '13 at 18:05
  • I can now ssh after using ssh-agent. Thanks. – Nazim Sep 04 '13 at 19:22