You are not logged in.

#1 2022-11-30 19:22:23

StarterX4
Member
From: San Escobar
Registered: 2016-04-16
Posts: 4

[SOLVED] AUR: SSH keeps refusing the keys

Since yesterday (after like 3 weeks of inactivity?) I can't properly connect to AUR through SSH. It rejects my old key, and every new one I create (added in user panel and then switched in ~/.ssh/config). When I try to clone any repo (or just connect without -o 'IdentitiesOnly yes'), OpenSSH tries all my available keys. It suspiciously seems to be concurrent with the OpenSSL switch to 3.x.x.

[starterx4@doadgrz AUR]$ ssh aur.archlinux.org -o 'IdentitiesOnly yes' -v
OpenSSH_9.1p1, OpenSSL 3.0.7 1 Nov 2022
debug1: Reading configuration data /home/starterx4/.ssh/config
debug1: /home/starterx4/.ssh/config line 1: Applying options for aur.archlinux.org
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to aur.archlinux.org [95.216.144.15] port 22.
debug1: Connection established.
debug1: identity file /home/starterx4/.ssh/aur type 0
debug1: identity file /home/starterx4/.ssh/aur-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_9.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_9.1
debug1: compat_banner: match: OpenSSH_9.1 pat OpenSSH* compat 0x04000000
debug1: Authenticating to aur.archlinux.org:22 as 'starterx4'
debug1: load_hostkeys: fopen /home/starterx4/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: sntrup761x25519-sha512@openssh.com
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ssh-ed25519 SHA256:RFzBCUItH9LZS0cKB5UE6ceAYhBD5C8GeOBip8Z11+4
debug1: load_hostkeys: fopen /home/starterx4/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: Host 'aur.archlinux.org' is known and matches the ED25519 host key.
debug1: Found key in /home/starterx4/.ssh/known_hosts:4
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: get_agent_identities: bound agent to hostkey
debug1: get_agent_identities: agent returned 6 keys
debug1: Will attempt key: /home/starterx4/.ssh/aur RSA SHA256:Esc1E9X5Gjz3NL/neEhhSCGO3vBxQ7VzBP+AwY/tSjc explicit agent
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com,webauthn-sk-ecdsa-sha2-nistp256@openssh.com>
debug1: kex_input_ext_info: publickey-hostbound@openssh.com=<0>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/starterx4/.ssh/aur RSA SHA256:Esc1E9X5Gjz3NL/neEhhSCGO3vBxQ7VzBP+AwY/tSjc explicit agent
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
starterx4@aur.archlinux.org: Permission denied (publickey).

[starterx4@doadgrz AUR]$ ssh aur.archlinux.org -o 'IdentitiesOnly yes' -v
OpenSSH_9.1p1, OpenSSL 3.0.7 1 Nov 2022
debug1: Reading configuration data /home/starterx4/.ssh/config
debug1: /home/starterx4/.ssh/config line 1: Applying options for aur.archlinux.org
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to aur.archlinux.org [95.216.144.15] port 22.
debug1: Connection established.
debug1: identity file /home/starterx4/.ssh/aur2 type 3
debug1: identity file /home/starterx4/.ssh/aur2-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_9.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_9.1
debug1: compat_banner: match: OpenSSH_9.1 pat OpenSSH* compat 0x04000000
debug1: Authenticating to aur.archlinux.org:22 as 'starterx4'
debug1: load_hostkeys: fopen /home/starterx4/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: sntrup761x25519-sha512@openssh.com
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ssh-ed25519 SHA256:RFzBCUItH9LZS0cKB5UE6ceAYhBD5C8GeOBip8Z11+4
debug1: load_hostkeys: fopen /home/starterx4/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: Host 'aur.archlinux.org' is known and matches the ED25519 host key.
debug1: Found key in /home/starterx4/.ssh/known_hosts:4
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: get_agent_identities: bound agent to hostkey
debug1: get_agent_identities: agent returned 6 keys
debug1: Will attempt key: /home/starterx4/.ssh/aur2 ED25519 SHA256:+Q9PUS36HKY7yguTu88AehtUxoPH0NgdPY9wDj+sjH0 explicit agent
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com,webauthn-sk-ecdsa-sha2-nistp256@openssh.com>
debug1: kex_input_ext_info: publickey-hostbound@openssh.com=<0>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/starterx4/.ssh/aur2 ED25519 SHA256:+Q9PUS36HKY7yguTu88AehtUxoPH0NgdPY9wDj+sjH0 explicit agent
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
starterx4@aur.archlinux.org: Permission denied (publickey).

[starterx4@doadgrz AUR]$ git clone ssh://aur.archlinux.org/cachyos-themes-sddm.git/
Cloning into 'cachyos-themes-sddm'...
Received disconnect from 95.216.144.15 port 22:2: Too many authentication failures
Disconnected from 95.216.144.15 port 22
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

After few tries I probably got banned on my main connection, since then it rejects connections, I can't even access AUR through web.
After connecting to phone's hotspot, it just rejects keys:

[starterx4@doadgrz AUR]$ ssh -v aur.archlinux.org -o 'IdentitiesOnly yes' -i ~/.ssh/aur3
OpenSSH_9.1p1, OpenSSL 3.0.7 1 Nov 2022
debug1: Reading configuration data /home/starterx4/.ssh/config
debug1: /home/starterx4/.ssh/config line 1: Applying options for aur.archlinux.org
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to aur.archlinux.org [95.216.144.15] port 22.
debug1: connect to address 95.216.144.15 port 22: Connection refused
debug1: Connecting to aur.archlinux.org [2a01:4f9:c010:50::1] port 22.
debug1: connect to address 2a01:4f9:c010:50::1 port 22: Network is unreachable
ssh: connect to host aur.archlinux.org port 22: Network is unreachable

[starterx4@doadgrz AUR]$ ssh -v aur.archlinux.org -o 'IdentitiesOnly yes' -i ~/.ssh/aur3
OpenSSH_9.1p1, OpenSSL 3.0.7 1 Nov 2022
debug1: Reading configuration data /home/starterx4/.ssh/config
debug1: /home/starterx4/.ssh/config line 1: Applying options for aur.archlinux.org
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to aur.archlinux.org [2a01:4f9:c010:50::1] port 22.
debug1: connect to address 2a01:4f9:c010:50::1 port 22: Connection refused
debug1: Connecting to aur.archlinux.org [95.216.144.15] port 22.
debug1: Connection established.
debug1: identity file /home/starterx4/.ssh/aur3 type 0
debug1: identity file /home/starterx4/.ssh/aur3-cert type -1
debug1: identity file /home/starterx4/.ssh/aur3 type 0
debug1: identity file /home/starterx4/.ssh/aur3-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_9.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_9.1
debug1: compat_banner: match: OpenSSH_9.1 pat OpenSSH* compat 0x04000000
debug1: Authenticating to aur.archlinux.org:22 as 'starterx4'
debug1: load_hostkeys: fopen /home/starterx4/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: sntrup761x25519-sha512@openssh.com
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ssh-ed25519 SHA256:RFzBCUItH9LZS0cKB5UE6ceAYhBD5C8GeOBip8Z11+4
debug1: load_hostkeys: fopen /home/starterx4/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: Host 'aur.archlinux.org' is known and matches the ED25519 host key.
debug1: Found key in /home/starterx4/.ssh/known_hosts:4
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: get_agent_identities: bound agent to hostkey
debug1: get_agent_identities: agent returned 7 keys
debug1: Will attempt key: /home/starterx4/.ssh/aur3 RSA SHA256:cIa/dlOK9ZwAl1LVgsD4764XYKwpUS5Ponl4FiQ2yPM explicit agent
debug1: Will attempt key: /home/starterx4/.ssh/aur3 RSA SHA256:cIa/dlOK9ZwAl1LVgsD4764XYKwpUS5Ponl4FiQ2yPM explicit
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com,webauthn-sk-ecdsa-sha2-nistp256@openssh.com>
debug1: kex_input_ext_info: publickey-hostbound@openssh.com=<0>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/starterx4/.ssh/aur3 RSA SHA256:cIa/dlOK9ZwAl1LVgsD4764XYKwpUS5Ponl4FiQ2yPM explicit agent
debug1: Authentications that can continue: publickey
debug1: Offering public key: /home/starterx4/.ssh/aur3 RSA SHA256:cIa/dlOK9ZwAl1LVgsD4764XYKwpUS5Ponl4FiQ2yPM explicit
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
starterx4@aur.archlinux.org: Permission denied (publickey).

I have no idea what's going on. Either something on my side, or AUR, or just got shadow-banned for something and not informed about it? So weird.

Last edited by StarterX4 (2022-11-30 20:40:32)

Offline

#2 2022-11-30 19:51:00

twelveeighty
Member
From: Alberta, Canada
Registered: 2011-09-04
Posts: 1,096

Re: [SOLVED] AUR: SSH keeps refusing the keys

Please edit your original post and use code tags, not quote tags.

What makes you think you can ssh into AUR as a regular user/login session? I haven't seen that documented anywhere and I doubt that's possible in the first place.

debug1: Authenticating to aur.archlinux.org:22 as 'starterx4'

See AUR Wiki. You cannot use arbitrary user names. It must be 'aur', as in: ssh://aur@aur.archlinux.org/pkgbase.git. But, again, don't try to establish a login session via SSH. Just configure Git for SSH communication.

Offline

#3 2022-11-30 20:39:28

StarterX4
Member
From: San Escobar
Registered: 2016-04-16
Posts: 4

Re: [SOLVED] AUR: SSH keeps refusing the keys

twelveeighty wrote:

What makes you think you can ssh into AUR as a regular user/login session? I haven't seen that documented anywhere and I doubt that's possible in the first place.

debug1: Authenticating to aur.archlinux.org:22 as 'starterx4'

See AUR Wiki. You cannot use arbitrary user names. It must be 'aur', as in: ssh://aur@aur.archlinux.org/pkgbase.git. But, again, don't try to establish a login session via SSH. Just configure Git for SSH communication.

Right, setting user to "aur" fixed the issue. Though I had this configured as a regular user for like 3 years now and it was working fine. Also it's not defined there it must be an "aur" user, and can be perceived as an example.

Offline

Board footer

Powered by FluxBB