ssh problem
I am getting ssh error, below is the log of ssh
ebug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,keyboard-interactive debug1: Next authentication method: publickey debug1: Offering public key: degas-engineering/us-east/degas-engineering debug1: Authentications that can continue: publickey,keyboard-interactive debug1: Offering public key: servertestingkey debug1: Authentications that can continue: publickey,keyboard-interactive debug1: Offering public key: newgitserver debug1: Authentications that can continue: publickey,keyboard-interactive debug1: Offering public key: herble debug1: Authentications that can continue: publickey,keyboard-interactive debug1: Offering public key: server13 debug1: Authentications that can continue: publickey,keyboard-interactive debug1: Offering public key: server13s Received disconnect from 54.224.79.75: 2: Too many authentication failures for root Regards, Sg.. |
You've not really said what your specific problem is here, but presumably it's because you're not getting a password prompt? You have a lot of private keys there and it basically looks like you're not managing them effectively. Conventionally you'd only use a single key for each client machine, so only have one key to offer, and then fall back to a password. from the names of the keys, i'm guessing you'rem adding all keys to all machines, so really your first plan of action is really to understand the architecture behind preshard keys properly, and then to remove all but one of the keys, possibly even deleting all of them on all servers and creating a new si gle one on a per machine basis.
|
Chris,
Thanks for your suggestions. I've configured ssh without password where servers are in ec2. The below options are enabled in my client ssh . /etc/ssh/ssh_config IdentityFile /root/degas-engineering/us-east/degas-engineering /etc/profile.d/ssh-agent.sh SSHAGENT=/usr/bin/ssh-agent SSHAGENTARGS="-s" SSH_ENV="/root/.ssh/environment" # start the ssh-agent function start_agent { #echo "Initializing new SSH agent..." # spawn ssh-agent ssh-agent | sed 's/^echo/#echo/' > "$SSH_ENV" echo succeeded chmod 600 "$SSH_ENV" . "$SSH_ENV" > /dev/null ssh-add } # Source SSH settings, if applicable if [ -f "${SSH_ENV}" ]; then . "${SSH_ENV}" > /dev/null #ps ${SSH_AGENT_PID} doesn't work under cywgin ps -ef | grep ${SSH_AGENT_PID} | grep ssh-agent$ > /dev/null || { start_agent; } else start_agent; fi Server side: /etc/ssh_config StrictHostKeyChecking no /etc/sshd_config PasswordAuthentication no I could login the another server with this key which is slackware 13.7. I trying this for slack 14 64 bit. Regards, sg,, |
yoru distribution of choice is irrlevant, SSH *MUST* work the same on any system.
are all your keys in /root/degas-engineering/us-east/degas-engineering then? |
Thanks for the reply...
In the below path have only one key ie : degas-engineering /root/degas-engineering/us-east/degas-engineering |
well that's not a key, that's a file that could contain multiple keys. Add a few more -v's to the ssh command and I think it'll say which file each key is coming from.
|
this is the key Chris.. I could login another using this key.
Please find the below log.. debug1: identity file /root/degas-engineering/us-east/degas-engineering type 1 debug1: identity file /root/degas-engineering/us-east/degas-engineering-cert type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.5 debug1: match: OpenSSH_5.5 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.5 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host 'ec2-23-20-202-10.compute-1.amazonaws.com' is known and matches the RSA host key. debug1: Found key in /root/.ssh/known_hosts:82 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,keyboard-interactive debug1: Next authentication method: publickey debug1: Offering public key: degas-engineering/us-east/degas-engineering debug1: Server accepts key: pkalg ssh-rsa blen 279 debug1: Authentication succeeded (publickey). debug1: channel 0: new [client-session] debug1: Requesting no-more-sessions@openssh.com debug1: Entering interactive session. Last login: Mon Jul 8 09:13:18 2013 from 1.22.214.66 Linux 2.6.34. root@system:~# |
sure, but that's the first one offered in the original output too, so if all you want is for that key to be accepted, you should just need to add it to the authorized_hosts on the remote end. As I originally stated, it really isn't clear what you perceive the issue to be here, or rather, what you expect "working" to look like.
|
All times are GMT -5. The time now is 05:45 PM. |