elf at buici.com
2002-May-11 05:57 UTC
PubkeyAuthentication broken because ssh cannot ready it's identity keys
This is a copy of the bug report I sent debian. Package: ssh Version: 1:3.0.2p1-9 Severity: important I want to be able to login between two hosts without entering passwords. ssh-keygen -t dsa * Copy key to other machine cat id_dsa.pub >> .ssh/authorized_keys chmod 600 .ssh/authorized_keys Trouble is that the originating host appears unable to parse its own keys. This is the debug output from the machine that successfully performs the password-free login: debug1: read PEM private key done: type DSA debug1: read PEM private key done: type RSA debug1: identity file /home/elf/.ssh/identity type 0 debug1: identity file /home/elf/.ssh/id_rsa type -1 debug2: key_type_from_name: unknown key type '-----BEGIN' debug2: key_type_from_name: unknown key type '-----END' debug1: identity file /home/elf/.ssh/id_dsa type 2 debug1: Remote protocol version 2.0, remote software version OpenSSH_3.0.2p1 Debian 1:3.0.2p1-9 The other host reports differently: debug1: read PEM private key done: type DSA debug1: read PEM private key done: type RSA debug1: identity file /home/elf/.ssh/identity type 0 debug2: key_type_from_name: unknown key type '-----BEGIN' debug2: key_type_from_name: unknown key type '-----END' debug1: identity file /home/elf/.ssh/id_dsa type 2 debug2: key_type_from_name: unknown key type '-----BEGIN' debug2: key_type_from_name: unknown key type '-----END' debug1: identity file /home/elf/.ssh/id_rsa type 1 debug1: Remote protocol version 2.0, remote software version OpenSSH_3.0.2p1 Debian 1:3.0.2p1-9 Note that I'm using the id_dsa key for authentication. Here is the dsa key and no, I'm not concerned about being compromised. -----BEGIN DSA PRIVATE KEY----- MIIBugIBAAKBgQCHaKeWvF4kc+SNvV5iph7u6av4nnbALON9bJuio0YXuh8rwY4X o9fzf3ogOOYs+32wFp5MYT7w6Enp6Wm7WeUGuOLXpco4TiWEUpfYcApex+JagVTh FDYc5oeOeXR420b87VPRyVYnjqxGCLQpDw8ROSAkOX1xHGEzETKwzPxtcwIVALzn T1lFsWARKdqaVbI4Xo4SWKFBAoGARvAxvIDbaPnYz5fY76jhi4QTbLP8e10qEKyU OC+E6oWWZSMtnn1Z1VhgPnzvsuMnrrw4n26TuaQwg0TITJ2kep67g1Pyp02OoTOn Px84+EC/+u8KRXghl2V4DQySe7Nd45nEdRgRAfU/byKoDj2U+EF3vD18j4pWU5fW RBHyu34CgYAZh/eFfTPyULWpb45Rgh0JKHYxKrWDRB/T7kLmgs1p9JTzhf+sBXI4 qkuQHfD41NgSp4azg4i322Etr8U1slIAORHGIM5z56TGsu29E3Q18tL1/+KZiMjh 1O0fzXdsJHLhqPABphlZ96tmiVet0pxwJlS/Nw3hI1+nKfjONGmNJgIUdf0w0kl7 b68BgwdevQPU7UCLMx0-----END DSA PRIVATE KEY----- -- System Information Debian Release: 3.0 Kernel Version: Linux cerise 2.4.18 #15 Fri May 10 00:26:54 PDT 2002 i686 unknown Versions of the packages ssh depends on: ii debconf 1.0.32 Debian configuration management system ii libc6 2.2.5-6 GNU C Library: Shared libraries and Timezone ii libpam-modules 0.72-35 Pluggable Authentication Modules for PAM ii libpam0g 0.72-35 Pluggable Authentication Modules library ii libssl0.9.6 0.9.6c-2 SSL shared libraries ii libwrap0 7.6-9 Wietse Venema's TCP wrappers library ii zlib1g 1.1.4-1 compression library - runtime --- Begin /etc/ssh/ssh_config (modified conffile) Host * ForwardX11 yes --- End /etc/ssh/ssh_config --- Begin /etc/ssh/moduli (modified conffile) Config file not present or no permissions for access --- End /etc/ssh/moduli --- Begin /etc/init.d/ssh (modified conffile) Config file not present or no permissions for access --- End /etc/init.d/ssh