Related
Aim : Do SCP across 2 VMs with PORT and IP Forwarding in sshd_config file of VM1.
There are 2 servers serverX, serverY.
I would like to transfer a file from my windows machine to remote machine(serverY). But I can't reach serverY directly, hence I am routed via serverX.
Here's how the configuration of serverX portX's /etc/ssh/sshd_config looks
Match user arunch3x
AllowStreamLocalForwarding yes
AllowAgentForwarding yes
AllowTcpForwarding yes
GatewayPorts yes
X11Forwarding yes
PasswordAuthentication yes
AllowTCPForwarding yes
ForceCommand ssh arunch3x#serverY -p portY
When I do ssh to serverX portX, I am automatically routed to serverY portY. SSH is fine.
But When I do SCP to serverX portX, its not getting completed, it goes into hang-mode.
Expectation: When I do SCP to serverX portX, it must automatically route to serverY portY as per the configurations and file must land in to serverY portY
Please refer to this SCP command that I am running from Windows machine.
scp -P portX tests.json arunch3x#serverX:/tmp/tests.json
As per the above command file tests.json must land in serverY portY directory /tmp as /tmp/tests/json
Error :
After executing above command it goes into hang mode.
scp -P 30600 tests.json arunch3x#10.74.188.44:/tmp/tests.json
scp -P 30600 tests.json arunch3x#serverY:/tmp/tests.json
Pseudo-terminal will not be allocated because stdin is not a terminal.
OpenSSH_8.2p1 Ubuntu-4ubuntu0.4, OpenSSL 1.1.1f 31 Mar 2020
debug1: Reading configuration data /home/arunch3x/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug2: resolve_canonicalize: hostname serverY is address
debug2: ssh_connect_direct
debug1: Connecting to serverY [serverY] port portY.
debug1: Connection established.
debug1: identity file /home/arunch3x/.ssh/id_rsa type 0
debug1: identity file /home/arunch3x/.ssh/id_rsa-cert type -1
debug1: identity file /home/arunch3x/.ssh/id_dsa type -1
debug1: identity file /home/arunch3x/.ssh/id_dsa-cert type -1
debug1: identity file /home/arunch3x/.ssh/id_ecdsa type -1
debug1: identity file /home/arunch3x/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/arunch3x/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/arunch3x/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/arunch3x/.ssh/id_ed25519 type -1
debug1: identity file /home/arunch3x/.ssh/id_ed25519-cert type -1
debug1: identity file /home/arunch3x/.ssh/id_ed25519_sk type -1
debug1: identity file /home/arunch3x/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/arunch3x/.ssh/id_xmss type -1
debug1: identity file /home/arunch3x/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.2p1 Ubuntu-4ubuntu0.4
debug1: match: OpenSSH_8.2p1 Ubuntu-4ubuntu0.4 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to serverY:portY as 'arunch3x'
debug3: put_host_port: [serverY]:portY
debug3: hostkeys_foreach: reading file "/home/arunch3x/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /home/arunch3x/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from [serverY]:portY
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01#openssh.com,ecdsa-sha2-nistp384-cert-v01#openssh.com,ecdsa-sha2-nistp521-cert-v01#openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256#libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c
debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01#openssh.com,ecdsa-sha2-nistp384-cert-v01#openssh.com,ecdsa-sha2-nistp521-cert-v01#openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256-cert-v01#openssh.com,ssh-ed25519-cert-v01#openssh.com,sk-ssh-ed25519-cert-v01#openssh.com,rsa-sha2-512-cert-v01#openssh.com,rsa-sha2-256-cert-v01#openssh.com,ssh-rsa-cert-v01#openssh.com,sk-ecdsa-sha2-nistp256#openssh.com,ssh-ed25519,sk-ssh-ed25519#openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: chacha20-poly1305#openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm#openssh.com,aes256-gcm#openssh.com
debug2: ciphers stoc: chacha20-poly1305#openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm#openssh.com,aes256-gcm#openssh.com
debug2: MACs ctos: umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib#openssh.com,zlib
debug2: compression stoc: none,zlib#openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256#libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: chacha20-poly1305#openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm#openssh.com,aes256-gcm#openssh.com
debug2: ciphers stoc: chacha20-poly1305#openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm#openssh.com,aes256-gcm#openssh.com
debug2: MACs ctos: umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib#openssh.com
debug2: compression stoc: none,zlib#openssh.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:W6y6gFSbfWwMcRWvyhJVCdwYeEy0NlEMpFtcn2lvitA
debug3: put_host_port: [serverY]:portY
debug3: put_host_port: [serverY]:portY
debug3: hostkeys_foreach: reading file "/home/arunch3x/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /home/arunch3x/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from [serverY]:portY
debug3: hostkeys_foreach: reading file "/home/arunch3x/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /home/arunch3x/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from [serverY]:portY
debug1: Host '[serverY]:portY' is known and matches the ECDSA host key.
debug1: Found key in /home/arunch3x/.ssh/known_hosts:1
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: /home/arunch3x/.ssh/id_rsa RSA SHA256:0TeS5DDHX3zEccKYK6uMjpwcNPm+gW5l29fzH5rb4cA
debug1: Will attempt key: /home/arunch3x/.ssh/id_dsa
debug1: Will attempt key: /home/arunch3x/.ssh/id_ecdsa
debug1: Will attempt key: /home/arunch3x/.ssh/id_ecdsa_sk
debug1: Will attempt key: /home/arunch3x/.ssh/id_ed25519
debug1: Will attempt key: /home/arunch3x/.ssh/id_ed25519_sk
debug1: Will attempt key: /home/arunch3x/.ssh/id_xmss
debug2: pubkey_prepare: done
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519#openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256#openssh.com>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/arunch3x/.ssh/id_rsa RSA SHA256:0TeS5DDHX3zEccKYK6uMjpwcNPm+gW5l29fzH5rb4cA
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 60
debug1: Server accepts key: /home/arunch3x/.ssh/id_rsa RSA SHA256:0TeS5DDHX3zEccKYK6uMjpwcNPm+gW5l29fzH5rb4cA
debug3: sign_and_send_pubkey: RSA SHA256:0TeS5DDHX3zEccKYK6uMjpwcNPm+gW5l29fzH5rb4cA
debug3: sign_and_send_pubkey: signing using rsa-sha2-512 SHA256:0TeS5DDHX3zEccKYK6uMjpwcNPm+gW5l29fzH5rb4cA
debug3: send packet: type 50
debug3: receive packet: type 52
debug1: Authentication succeeded (publickey).
Authenticated to serverY ([serverY]:portY).
debug3: ssh_init_stdio_forwarding: serverY:portY
debug1: channel_connect_stdio_fwd serverY:portY
debug1: channel 0: new [stdio-forward]
debug2: fd 4 setting O_NONBLOCK
debug2: fd 5 setting O_NONBLOCK
debug1: getpeername failed: Bad file descriptor
debug3: send packet: type 90
debug2: fd 3 setting TCP_NODELAY
debug3: ssh_packet_set_tos: set IP_TOS 0x10
debug1: Requesting no-more-sessions#openssh.com
debug3: send packet: type 80
debug1: Entering interactive session.
debug1: pledge: network
debug3: receive packet: type 80
debug1: client_input_global_request: rtype hostkeys-00#openssh.com want_reply 0
debug3: receive packet: type 4
debug1: Remote: /home/arunch3x/.ssh/authorized_keys:1: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug3: receive packet: type 4
debug1: Remote: /home/arunch3x/.ssh/authorized_keys:1: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug3: receive packet: type 91
debug2: channel_input_open_confirmation: channel 0: callback start
debug2: channel_input_open_confirmation: channel 0: callback done
debug2: channel 0: open confirm rwindow 2097152 rmax 32768
Welcome to Ubuntu 20.04.2 LTS (GNU/Linux 5.4.0-104-generic x86_64)
PS C:\Users\arunch3x\OneDrive - Intel Corporation\Documents\tests> debug3: send packet: type 1
debug1: channel 0: free: direct-tcpip: listening port 0 for serverY port portY, connect from 127.0.0.1 port 65535 to UNKNOWN port 65536, nchannels 1
debug3: channel 0: status: The following connections are open:
#0 direct-tcpip: listening port 0 for serverY port portY, connect from 127.0.0.1 port 65535 to UNKNOWN port 65536 (t4 r0 i0/0 o0/0 e[closed]/0 fd 4/5/-1 sock -1 cc -1)
debug1: fd 0 clearing O_NONBLOCK
debug3: fd 1 is not O_NONBLOCK
debug3: fd 2 is not O_NONBLOCK
Killed by signal 1.
Command line just hangs on showing above error.
Can someone please share some inputs.
Hello today i am trying to connect to a ssh host but im facing some problems, i already generated a rsa public key and tried to connect to the host but this error keeps appearing :
kex_exchange_identification: read: Connection reset by peer
I already did connect once to the host but once i restarded my machine the same problem appeared.
Sometimes when i move to the next phase where i should input the password this appears: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password)
This is the debugger output:
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug2: resolving "appserver.alunos.di.fc.ul.pt" port 22
debug2: ssh_connect_direct
debug1: Connecting to appserver.alunos.di.fc.ul.pt [194.117.22.70] port 22.
debug1: Connection established.
debug1: identity file /home/bruno/.ssh/id_rsa type 0
debug1: identity file /home/bruno/.ssh/id_rsa-cert type -1
debug1: identity file /home/bruno/.ssh/id_dsa type -1
debug1: identity file /home/bruno/.ssh/id_dsa-cert type -1
debug1: identity file /home/bruno/.ssh/id_ecdsa type -1
debug1: identity file /home/bruno/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/bruno/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/bruno/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/bruno/.ssh/id_ed25519 type -1
debug1: identity file /home/bruno/.ssh/id_ed25519-cert type -1
debug1: identity file /home/bruno/.ssh/id_ed25519_sk type -1
debug1: identity file /home/bruno/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/bruno/.ssh/id_xmss type -1
debug1: identity file /home/bruno/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.4
kex_exchange_identification: read: Connection reset by peer
And in the next phase this is the debugger output
OpenSSH_8.2p1 Ubuntu-4ubuntu0.4, OpenSSL 1.1.1f 31 Mar 2020
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug2: resolving "appserver.alunos.di.fc.ul.pt" port 22
debug2: ssh_connect_direct
debug1: Connecting to appserver.alunos.di.fc.ul.pt [194.117.22.70] port 22.
debug1: Connection established.
debug1: identity file /home/bruno/.ssh/id_rsa type 0
debug1: identity file /home/bruno/.ssh/id_rsa-cert type -1
debug1: identity file /home/bruno/.ssh/id_dsa type -1
debug1: identity file /home/bruno/.ssh/id_dsa-cert type -1
debug1: identity file /home/bruno/.ssh/id_ecdsa type -1
debug1: identity file /home/bruno/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/bruno/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/bruno/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/bruno/.ssh/id_ed25519 type -1
debug1: identity file /home/bruno/.ssh/id_ed25519-cert type -1
debug1: identity file /home/bruno/.ssh/id_ed25519_sk type -1
debug1: identity file /home/bruno/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/bruno/.ssh/id_xmss type -1
debug1: identity file /home/bruno/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000002
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to appserver.alunos.di.fc.ul.pt:22 as 'psi028'
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256#libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c
debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01#openssh.com,ecdsa-sha2-nistp384-cert-v01#openssh.com,ecdsa-sha2-nistp521-cert-v01#openssh.com,sk-ecdsa-sha2-nistp256-cert-v01#openssh.com,ssh-ed25519-cert-v01#openssh.com,sk-ssh-ed25519-cert-v01#openssh.com,rsa-sha2-512-cert-v01#openssh.com,rsa-sha2-256-cert-v01#openssh.com,ssh-rsa-cert-v01#openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256#openssh.com,ssh-ed25519,sk-ssh-ed25519#openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: chacha20-poly1305#openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm#openssh.com,aes256-gcm#openssh.com
debug2: ciphers stoc: chacha20-poly1305#openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm#openssh.com,aes256-gcm#openssh.com
debug2: MACs ctos: umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib#openssh.com,zlib
debug2: compression stoc: none,zlib#openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: host key algorithms: ssh-rsa,ssh-dss
debug2: ciphers ctos: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,arcfour
debug2: ciphers stoc: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,arcfour
debug2: MACs ctos: hmac-sha1,hmac-ripemd160
debug2: MACs stoc: hmac-sha1,hmac-ripemd160
debug2: compression ctos: none,zlib#openssh.com
debug2: compression stoc: none,zlib#openssh.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: diffie-hellman-group-exchange-sha256
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha1 compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha1 compression: none
debug3: send packet: type 34
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(2048<7680<8192) sent
debug3: receive packet: type 31
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
debug2: bits set: 4068/8192
debug3: send packet: type 32
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug3: receive packet: type 33
debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: ssh-rsa SHA256:wUjrYSdnZfF4ABGfaHJ6AlVfaG8xX/4vvaGEiByZ9ng
The authenticity of host 'appserver.alunos.di.fc.ul.pt (194.117.22.70)' can't be established.
RSA key fingerprint is SHA256:wUjrYSdnZfF4ABGfaHJ6AlVfaG8xX/4vvaGEiByZ9ng.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'appserver.alunos.di.fc.ul.pt,194.117.22.70' (RSA) to the list of known hosts.
debug2: bits set: 4060/8192
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey out after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey in after 4294967296 blocks
debug1: Will attempt key: /home/bruno/.ssh/id_rsa RSA SHA256:6rTqqVfQAWsIDRp0CTHP0lQsZFDYB7d7G/wldGg8ZZQ
debug1: Will attempt key: /home/bruno/.ssh/id_dsa
debug1: Will attempt key: /home/bruno/.ssh/id_ecdsa
debug1: Will attempt key: /home/bruno/.ssh/id_ecdsa_sk
debug1: Will attempt key: /home/bruno/.ssh/id_ed25519
debug1: Will attempt key: /home/bruno/.ssh/id_ed25519_sk
debug1: Will attempt key: /home/bruno/.ssh/id_xmss
debug2: pubkey_prepare: done
debug3: send packet: type 5
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic,password
debug3: preferred gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup gssapi-with-mic
debug3: remaining preferred: publickey,keyboard-interactive,password
debug3: authmethod_is_enabled gssapi-with-mic
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
No Kerberos credentials available (default cache: FILE:/tmp/krb5cc_1000)
debug1: Unspecified GSS failure. Minor code may provide more information
No Kerberos credentials available (default cache: FILE:/tmp/krb5cc_1000)
debug2: we did not send a packet, disable method
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/bruno/.ssh/id_rsa RSA SHA256:6rTqqVfQAWsIDRp0CTHP0lQsZFDYB7d7G/wldGg8ZZQ
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Trying private key: /home/bruno/.ssh/id_dsa
debug3: no such identity: /home/bruno/.ssh/id_dsa: No such file or directory
debug1: Trying private key: /home/bruno/.ssh/id_ecdsa
debug3: no such identity: /home/bruno/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: /home/bruno/.ssh/id_ecdsa_sk
debug3: no such identity: /home/bruno/.ssh/id_ecdsa_sk: No such file or directory
debug1: Trying private key: /home/bruno/.ssh/id_ed25519
debug3: no such identity: /home/bruno/.ssh/id_ed25519: No such file or directory
debug1: Trying private key: /home/bruno/.ssh/id_ed25519_sk
debug3: no such identity: /home/bruno/.ssh/id_ed25519_sk: No such file or directory
debug1: Trying private key: /home/bruno/.ssh/id_xmss
debug3: no such identity: /home/bruno/.ssh/id_xmss: No such file or directory
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
psi028#appserver.alunos.di.fc.ul.pt's password:
debug3: send packet: type 50
debug2: we sent a password packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
Permission denied, please try again.
psi028#appserver.alunos.di.fc.ul.pt's password:
debug3: send packet: type 50
debug2: we sent a password packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
Permission denied, please try again.
psi028#appserver.alunos.di.fc.ul.pt's password:
debug3: send packet: type 50
debug2: we sent a password packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
psi028#appserver.alunos.di.fc.ul.pt: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
What am i missing here, could it be from my configuration?
Command use to generate keys: ssh-keygen -o -t rsa -C "fc54406#alunos.fc.ul.pt"
I am running the following in a script:
pubkey=$(gpg2 --verbose --export-ssh-key $EXPORT_THIS_ID)
sshpass -p$REMOTE_PASS ssh -o IdentitiesOnly=yes -o StrictHostKeyChecking=no -tt -p $REMOTE_PORT root#$REMOTE_MACHINE 'bash -s' < ./adopt-machine.sh "\"$pubkey\""
as a child process in node.js with stdout and stderr piped over http (no tty, hence the -tt option for the ssh command) and am receiving the following error:
Received disconnect from 172.18.0.4 port 2222:2: Too many authentication failures
Disconnected from 172.18.0.4 port 2222
I've read that this error is a result of the agent attempt to connect using keys one at a time which is why I would think the error is related to tty(incorrect handling of password). Help?
EDIT: I no longer require piping stdout over http but am having the same issue. It may be unrelated to tty.
Using the ssh command without -tt as follows:
result=$(sshpass -p$REMOTE_PASS ssh -vvv -o IdentitiesOnly=yes -o StrictHostKeyChecking=no -p $REMOTE_PORT root#$REMOTE_MACHINE 'bash -s' < /usr/raindrop/app/gpg/adopt-machine "\"$pubkey\"" 2>&1)
results in the following output:
OpenSSH_8.8p1, OpenSSL 1.1.1n 15 Mar 2022
debug1: Reading configuration data /etc/ssh/ssh_config
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts' -> '/root/.ssh/known_hosts'
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts2' -> '/root/.ssh/known_hosts2'
debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling
debug2: resolving "sandbox" port 2222
debug3: resolve_host: lookup sandbox:2222
debug3: ssh_connect_direct: entering
debug1: Connecting to sandbox [172.18.0.2] port 2222.
debug3: set_sock_tos: set socket 3 IP_TOS 0x48
debug1: Connection established.
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa_sk type -1
debug1: identity file /root/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: identity file /root/.ssh/id_ed25519_sk type -1
debug1: identity file /root/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /root/.ssh/id_xmss type -1
debug1: identity file /root/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.8
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.8
debug1: compat_banner: match: OpenSSH_8.8 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to sandbox:2222 as 'root'
debug3: put_host_port: [sandbox]:2222
debug1: load_hostkeys: fopen /root/.ssh/known_hosts: No such file or directory
debug1: load_hostkeys: fopen /root/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug3: order_hostkeyalgs: no algorithms matched; accept original
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256#libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c
debug2: host key algorithms: ssh-ed25519-cert-v01#openssh.com,ecdsa-sha2-nistp256-cert-v01#openssh.com,ecdsa-sha2-nistp384-cert-v01#openssh.com,ecdsa-sha2-nistp521-cert-v01#openssh.com,sk-ssh-ed25519-cert-v01#openssh.com,sk-ecdsa-sha2-nistp256-cert-v01#openssh.com,rsa-sha2-512-cert-v01#openssh.com,rsa-sha2-256-cert-v01#openssh.com,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ssh-ed25519#openssh.com,sk-ecdsa-sha2-nistp256#openssh.com,rsa-sha2-512,rsa-sha2-256
debug2: ciphers ctos: chacha20-poly1305#openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm#openssh.com,aes256-gcm#openssh.com
debug2: ciphers stoc: chacha20-poly1305#openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm#openssh.com,aes256-gcm#openssh.com
debug2: MACs ctos: umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib#openssh.com,zlib
debug2: compression stoc: none,zlib#openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256#libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: chacha20-poly1305#openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm#openssh.com,aes256-gcm#openssh.com
debug2: ciphers stoc: chacha20-poly1305#openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm#openssh.com,aes256-gcm#openssh.com
debug2: MACs ctos: umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib#openssh.com
debug2: compression stoc: none,zlib#openssh.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ssh-ed25519 SHA256:OtNG6kv5Aog+3ngJbi9PG6sLyOx2Oqjo8nGqqmCV9s4
debug3: put_host_port: [172.18.0.2]:2222
debug3: put_host_port: [sandbox]:2222
debug1: load_hostkeys: fopen /root/.ssh/known_hosts: No such file or directory
debug1: load_hostkeys: fopen /root/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: checking without port identifier
debug1: load_hostkeys: fopen /root/.ssh/known_hosts: No such file or directory
debug1: load_hostkeys: fopen /root/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
Warning: Permanently added '[sandbox]:2222' (ED25519) to the list of known hosts.
debug1: check_host_key: hostkey not known or explicitly trusted: disabling UpdateHostkeys
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: /root/.ssh/id_rsa
debug1: Will attempt key: /root/.ssh/id_dsa
debug1: Will attempt key: /root/.ssh/id_ecdsa
debug1: Will attempt key: /root/.ssh/id_ecdsa_sk
debug1: Will attempt key: /root/.ssh/id_ed25519
debug1: Will attempt key: /root/.ssh/id_ed25519_sk
debug1: Will attempt key: /root/.ssh/id_xmss
debug2: pubkey_prepare: done
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519#openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256#openssh.com,webauthn-sk-ecdsa-sha2-nistp256#openssh.com>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug3: start over, passed a different list publickey,password,keyboard-interactive
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/id_rsa
debug3: no such identity: /root/.ssh/id_rsa: No such file or directory
debug1: Trying private key: /root/.ssh/id_dsa
debug3: no such identity: /root/.ssh/id_dsa: No such file or directory
debug1: Trying private key: /root/.ssh/id_ecdsa
debug3: no such identity: /root/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: /root/.ssh/id_ecdsa_sk
debug3: no such identity: /root/.ssh/id_ecdsa_sk: No such file or directory
debug1: Trying private key: /root/.ssh/id_ed25519
debug3: no such identity: /root/.ssh/id_ed25519: No such file or directory
debug1: Trying private key: /root/.ssh/id_ed25519_sk
debug3: no such identity: /root/.ssh/id_ed25519_sk: No such file or directory
debug1: Trying private key: /root/.ssh/id_xmss
debug3: no such identity: /root/.ssh/id_xmss: No such file or directory
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug3: send packet: type 50
debug2: we sent a keyboard-interactive packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug3: userauth_kbdint: disable: no info_req_seen
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred:
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
debug3: send packet: type 50
debug2: we sent a password packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password,keyboard-interactive
Permission denied, please try again.
Similarly to what I theorized, ssh is attempting to use non existent keys in the .ssh directory.
I have resolved my issue and it had nothing to do with my code. Using sshpass -v I got this message:
SSHPASS: detected prompt, again. Wrong password. Terminating.
Wrong password...
I'm trying to establish a connection with some servers from my Ubuntu 20.04 cp. I use both Kerberos and ssh protocols to connect my computer; however, I received from ssh the following:"Permission denied (gssapi-keyex,gssapi-with-mic)". Kerberos seems to work properly since I have successfully received tickets from it. I looked for similar questions before but no one have helped me so far.
If relevant during the installation process i create a file called "config" where i paste some line of code required for ssh. My procedure was the following 1) cd .ssh 2)touch config 3)sudo nano config (where i copy and paste the lines) 4) and then restart ssh and sshd services.
Any help would be awesome and thanks for your time guys!:)
here is a part of the prompt after type ssh -vvv -Y...
debug1: Reading configuration data /home/zulu0499/.ssh/config
debug1: /home/zulu0499/.ssh/config line 1: Applying options for *.fnal.gov
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug2: resolving "emphaticgpvm01.fnal.gov" port 22
debug2: ssh_connect_direct
debug1: Connecting to emphaticgpvm01.fnal.gov [131.225.240.241] port 22.
debug1: Connection established.
...
debug2: pubkey_prepare: done
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic
debug3: start over, passed a different list gssapi-keyex,gssapi-with-mic
debug3: preferred gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup gssapi-with-mic
debug3: remaining preferred: publickey,keyboard-interactive,password
debug3: authmethod_is_enabled gssapi-with-mic
debug1: Next authentication method: gssapi-with-mic
debug3: send packet: type 50
debug2: we sent a gssapi-with-mic packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic
debug3: send packet: type 50
debug2: we sent a gssapi-with-mic packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
ydeniz#emphaticgpvm01.fnal.gov: Permission denied (gssapi-keyex,gssapi-with-mic)```
Have been trying to setup the seamless ssh login across couple of servers but running into issues as after copying the public key the ssh to the host still asks for the password. Here is what I did
[root#app6 .ssh]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
/root/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
e9:e9:b4:e5:50:7b:9b:f6:3f:d5:65:52:39:9c:ba:38 root#app6
The key's randomart image is:
+--[ RSA 2048]----+
| . o|
| =.|
| ...|
| . .. o|
| S . . .oo|
| . o E . o|
| = o o .|
| o = ..o . |
| o ..o...o|
+-----------------+
And then copied the id to the host
[root#app6 .ssh]# ssh-copy-id app3
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
\S
Kernel \r on an \m
Password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'app3'"
and check to make sure that only the key(s) you wanted were added.
But when I try to login then it does not work (asks for password) –
[root#app6 .ssh]# ssh 'app3'
\S
Kernel \r on an \m
Password:
I should not be seeing the 'Password:' prompt. Apparently something is amiss.
Here is the version of ssh that is running:
[root#app6 ~]# ssh -V
OpenSSH_6.6.1p1, OpenSSL 1.0.1e-fips 11 Feb 2013
Adding the output of ssh -vvv app3 below:
debug3: load_hostkeys: loading entries for host "172.27.36.104" from file "/root/.ssh/known_hosts"
debug3: load_hostkeys: found key type ECDSA in file /root/.ssh/known_hosts:5
debug3: load_hostkeys: loaded 1 keys
debug1: Host '172.27.36.104' is known and matches the ECDSA host key.
debug1: Found key in /root/.ssh/known_hosts:5
debug1: ssh_ecdsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /root/.ssh/id_rsa (0x7f471042f250),
debug2: key: /root/.ssh/id_dsa ((nil)),
debug2: key: /root/.ssh/id_ecdsa (0x7f4710433730),
debug2: key: /root/.ssh/id_ed25519 ((nil)),
debug3: input_userauth_banner
\S
Kernel \r on an \m
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive
debug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup gssapi-keyex
debug3: remaining preferred: gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_is_enabled gssapi-keyex
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug2: we did not send a packet, disable method
debug3: authmethod_lookup gssapi-with-mic
debug3: remaining preferred: publickey,keyboard-interactive,password
debug3: authmethod_is_enabled gssapi-with-mic
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
No Kerberos credentials available
debug1: Unspecified GSS failure. Minor code may provide more information
No Kerberos credentials available
debug1: Unspecified GSS failure. Minor code may provide more information
debug1: Unspecified GSS failure. Minor code may provide more information
No Kerberos credentials available
debug2: we did not send a packet, disable method
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /root/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive
debug1: Trying private key: /root/.ssh/id_dsa
debug3: no such identity: /root/.ssh/id_dsa: No such file or directory
debug1: Offering ECDSA public key: /root/.ssh/id_ecdsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive
debug1: Trying private key: /root/.ssh/id_ed25519
debug3: no such identity: /root/.ssh/id_ed25519: No such file or directory
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 1
Password:
Check the following
The directory app3:~/.ssh has permissions 0700
The file app3:~/.ssh/authorized_keys has permissions 0600
The key app6:~/.ssh/id_rsa.pub exists in app3:~/.ssh/authorized_keys
Check sshd config file
PermitRootLogin yes
RSAAuthentication yes
PubkeyAuthentication yes
If all the above is correct, then run ssh -vvv app3 to see a very verbose connection info. It should provide feedback on why the password-less login fails.
comment for #yk11 's answer:
4.check the sshd config file
PermitRootLogin yes
RSAAuthentication yes
PubkeyAuthentication yes
open these config and restart sshd process.