scp

kalin m kalin at el.net
Wed Oct 22 20:16:35 PDT 2008 

here is pretty much the same from another machine (os x laptop) with a 
dsa key:

................................................................................
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /private/var/root/.ssh/id_dsa (0x300e30)
debug1: Authentications that can continue: 
publickey,password,keyboard-interactive
debug3: start over, passed a different list 
publickey,password,keyboard-interactive
debug3: preferred 
gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /private/var/root/.ssh/id_dsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: 
publickey,password,keyboard-interactive
debug2: we did not send a packet, disable method   <==  ***** why didn't 
we?!? ****
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug1: Authentications that can continue: 
publickey,password,keyboard-interactive
debug3: userauth_kbdint: disable: no info_req_seen
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred:
debug3: authmethod_is_enabled password
debug1: Next authentication method: password




kalin m wrote:
>
> with -vvv i get this below:
>
> .............................................................
> debug1: bits set: 1034/2048
> debug1: ssh_dss_verify: signature correct
> debug1: kex_derive_keys
> debug1: newkeys: mode 1
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: waiting for SSH2_MSG_NEWKEYS
> debug1: newkeys: mode 0
> debug1: SSH2_MSG_NEWKEYS received
> debug1: done: ssh_kex2.
> debug1: send SSH2_MSG_SERVICE_REQUEST
> debug1: service_accept: ssh-userauth
> debug1: got SSH2_MSG_SERVICE_ACCEPT
> debug1: authentications that can continue: 
> publickey,password,keyboard-interactive
> debug3: start over, passed a different list 
> publickey,password,keyboard-interactive
> debug3: preferred publickey,keyboard-interactive,password
> debug3: authmethod_lookup publickey
> debug3: remaining preferred: keyboard-interactive,password
> debug3: authmethod_is_enabled publickey
> debug1: next auth method to try is publickey
> debug1: try pubkey: id_rsa
> debug3: send_pubkey_test
> debug2: we sent a publickey packet, wait for reply
> debug1: authentications that can continue: 
> publickey,password,keyboard-interactive
> debug2: we did not send a packet, disable method
> debug3: authmethod_lookup keyboard-interactive
> debug3: remaining preferred: password
> debug3: authmethod_is_enabled keyboard-interactive
> debug1: next auth method to try is keyboard-interactive
> debug2: userauth_kbdint
> debug2: we sent a keyboard-interactive packet, wait for reply
> debug1: authentications that can continue: 
> publickey,password,keyboard-interactive
> debug3: userauth_kbdint: disable: no info_req_seen
> debug2: we did not send a packet, disable method
> debug3: authmethod_lookup password
> debug3: remaining preferred:
> debug3: authmethod_is_enabled password
> debug1: next auth method to try is password
>
> after this i get the password prompt....
>
> why does it say try pubkey: id_rsa when id_rsa is supposed to be the 
> private key?
>
> ?!?!
>
>
>
>
> Greg Larkin wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> kalin m wrote:
>>  
>>> hi all...
>>>
>>> i need to do a script to copy a file from a remote machine via scp with
>>> a key and without a password....
>>>
>>> here is what i'm doing:
>>>
>>> 1. ssh-keygen -t rsa
>>> 2. scp new_key.pub to user at remote_host (with password)
>>> 3. on remote_host rename new_key.pub to ~user/.ssh/athorized_keys
>>>
>>> when i try:
>>> # scp user at remote_host:/files/file file
>>>
>>> i get password prompt...
>>>
>>> what am i missing?!?
>>>
>>>     
>>
>> Hi Kalin,
>>
>> Here are a few things to try and check:
>>
>> - - Run scp with the "-vvv" flag to enable very verbose output.  You may
>> see something in the log messages during the connection phase that
>> expose the problem.
>>
>> - - Check the /var/log/messages file on the host for debug messages from
>> sshd.  Are there any errors that indicate why public key authentication
>> doesn't work?
>>
>> - - Check the /etc/ssh/sshd_config file contents.  Is 
>> PubkeyAuthentication
>> enabled?  You can also change the LogLevel setting if you need more
>> information emitted to /var/log/messages.  Don't forget to send SIGHUP
>> to sshd whenever you change sshd_config.
>>
>> - - Check the permissions on the the ~user/.ssh directory and the
>> authorized_keys file.  They have to be sufficiently tight (700 and 600,
>> typically).
>>
>> Hope that helps, and post back here with any further questions.
>>
>> Regards,
>> Greg Larkin
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.4.9 (FreeBSD)
>> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>>
>> iEYEARECAAYFAkj/2NQACgkQ0sRouByUApD3jACgnHA1h6XmnOuAEQXsnBjCcZBZ
>> /k8An2AIMx4CJSXuTDfrPCcBlb9rLFqA
>> =9z7a
>> -----END PGP SIGNATURE-----
>>   
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to 
> "freebsd-questions-unsubscribe at freebsd.org"

More information about the freebsd-questions mailing list