Arch Linux

Simastrick

Member

Registered: 2006-08-17

Posts: 49

(passwordless ssh) I keep getting asked for password

I've been trying to set up passwordless ssh to my webhost, but it keeps asking for my user password (please note "password" is to be distinguished from "passphrase").

I've set up keychain and x11-askpass, and it asks me for my passphrase when I log in after a fresh boot, so no problems there.

Here is some verbose output (sanitized):

[username@localmachine ~]$ ssh -vvv remote_user@ssh.webhost.net 
OpenSSH_4.5p1, OpenSSL 0.9.8e 23 Feb 2007 
debug1: Reading configuration data /home/username/.ssh/config 
debug1: Applying options for * 
debug1: Reading configuration data /etc/ssh/ssh_config 
debug2: ssh_connect: needpriv 0 
debug1: Connecting to ssh.webhost.net [208.48.143.22] port 22. 
debug1: Connection established. 
debug3: Not a RSA1 key file /home/username/.ssh/id_rsa. 
debug2: key_type_from_name: unknown key type '-----BEGIN' 
debug3: key_read: missing keytype 
debug2: key_type_from_name: unknown key type 'Proc-Type:' 
debug3: key_read: missing keytype 
debug2: key_type_from_name: unknown key type 'DEK-Info:' 
debug3: key_read: missing keytype 
debug3: key_read: missing whitespace 
debug3: key_read: missing whitespace 
debug3: key_read: missing whitespace 
debug3: key_read: missing whitespace 
debug3: key_read: missing whitespace 
debug3: key_read: missing whitespace 
debug3: key_read: missing whitespace 
debug3: key_read: missing whitespace 
debug3: key_read: missing whitespace 
debug3: key_read: missing whitespace 
debug3: key_read: missing whitespace 
debug3: key_read: missing whitespace 
debug3: key_read: missing whitespace 
debug3: key_read: missing whitespace 
debug3: key_read: missing whitespace 
debug3: key_read: missing whitespace 
debug3: key_read: missing whitespace 
debug3: key_read: missing whitespace 
debug3: key_read: missing whitespace 
debug3: key_read: missing whitespace 
debug3: key_read: missing whitespace 
debug3: key_read: missing whitespace 
debug3: key_read: missing whitespace 
debug3: key_read: missing whitespace 
debug3: key_read: missing whitespace 
debug2: key_type_from_name: unknown key type '-----END' 
debug3: key_read: missing keytype 
debug1: identity file /home/username/.ssh/id_rsa type 1 
debug1: identity file /home/username/.ssh/id_dsa type -1 
debug1: Remote protocol version 1.99, remote software version OpenSSH_4.5 
debug1: match: OpenSSH_4.5 pat OpenSSH* 
debug1: Enabling compatibility mode for protocol 2.0 
debug1: Local version string SSH-2.0-OpenSSH_4.5 
debug2: fd 3 setting O_NONBLOCK 
debug1: SSH2_MSG_KEXINIT sent 
debug1: SSH2_MSG_KEXINIT received 
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss 
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr 
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr 
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib 
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss 
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr 
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr 
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 
debug2: kex_parse_kexinit: none,zlib@openssh.com 
debug2: kex_parse_kexinit: none,zlib@openssh.com 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: mac_init: found hmac-md5 
debug1: kex: server->client aes128-cbc hmac-md5 none 
debug2: mac_init: found hmac-md5 
debug1: kex: client->server aes128-cbc hmac-md5 none 
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent 
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP 
debug2: dh_gen_key: priv key bits set: 130/256 
debug2: bits set: 499/1024 
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent 
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY 
debug3: check_host_in_hostfile: filename /home/username/.ssh/known_hosts 
debug3: check_host_in_hostfile: match line 1 
debug3: check_host_in_hostfile: filename /home/username/.ssh/known_hosts 
debug3: check_host_in_hostfile: match line 1 
debug1: Host 'ssh.webhost.net' is known and matches the RSA host key. 
debug1: Found key in /home/username/.ssh/known_hosts:1 
debug2: bits set: 500/1024 
debug1: ssh_rsa_verify: signature correct 
debug2: kex_derive_keys 
debug2: set_newkeys: mode 1 
debug1: SSH2_MSG_NEWKEYS sent 
debug1: expecting SSH2_MSG_NEWKEYS 
debug2: set_newkeys: mode 0 
debug1: SSH2_MSG_NEWKEYS received 
debug1: SSH2_MSG_SERVICE_REQUEST sent 
debug2: service_accept: ssh-userauth 
debug1: SSH2_MSG_SERVICE_ACCEPT received 
debug2: key: /home/username/.ssh/id_rsa (0x80989c8) 
debug2: key: /home/username/.ssh/id_dsa ((nil)) 
debug1: Authentications that can continue: publickey,password 
debug3: start over, passed a different list publickey,password 
debug3: preferred publickey,keyboard-interactive,password 
debug3: authmethod_lookup publickey 
debug3: remaining preferred: keyboard-interactive,password 
debug3: authmethod_is_enabled publickey 
debug1: Next authentication method: publickey 
debug1: Offering public key: /home/username/.ssh/id_rsa 
debug3: send_pubkey_test 
debug2: we sent a publickey packet, wait for reply 
debug1: Authentications that can continue: publickey,password 
debug1: Trying private key: /home/username/.ssh/id_dsa 
debug3: no such identity: /home/username/.ssh/id_dsa 
debug2: we did not send a packet, disable method 
debug3: authmethod_lookup password 
debug3: remaining preferred: ,password 
debug3: authmethod_is_enabled password 
debug1: Next authentication method: password 
remote_user@ssh.webhost.net's password:

I've been searching far and wide but I haven't had success. Help please!

phrakture

Arch Overlord

From: behind you

Registered: 2003-10-29

Posts: 7,879

Website

Re: (passwordless ssh) I keep getting asked for password

debug3: send_pubkey_test 
debug2: we sent a publickey packet, wait for reply 
debug1: Authentications that can continue: publickey,password

It looks like it's sending the key just fine, but the server is asking for the next authentication method.  It could be possible that the server doesn't support key-based connections, or that your public key on the server is invalid.

---

http://phraktured.net

Simastrick

Member

Registered: 2006-08-17

Posts: 49

Re: (passwordless ssh) I keep getting asked for password

Hello, thanks for your help. I think your right. Actually, it turned out that my webhost installed someone else's public key in my account. However, they were being smugly superior (as they've admitted now) and told me that they "don't have the resources to troubleshoot member's computer problems" and to go look at tutorials. They've admitted their mistake now, anyhow.