Develop Reference

Unable to run command over SSH Paramiko

I am logged into a device and trying to run commands over the ssh connection. Whenever I run the command I get the prompt to enter a password I pass the password through stdin and the program gets stuck at stdout.readlines(). I think the reason for that is because paramiko is not able to pass the password for that command.
Can you help?
Below is the code that I am using
def SSH_Connection():
ssh = paramiko.SSHClient()
ssh.load_system_host_keys()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect(device_ip, username=username, password=password,port=22)
print(command_to_run)
stdin, stdout, stderr = ssh.exec_command(command_to_run)
stdin.write(command_pass+'\n')
stdin.flush()
data = stdout.readlines()
ssh.close()
for line in data:
print(line)
SSH_Connection()
Output of ssh -vv username#host your_command:
OpenSSH_for_Windows_7.6p1, LibreSSL 2.6.4
debug2: resolving "host" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to host [host] port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\temp/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\temp/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\temp/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\temp/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\temp/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\temp/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\temp/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\temp/.ssh/id_ed25519-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_for_Windows_7.6
debug1: Remote protocol version 2.0, remote software version OpenSSH_12.1
debug1: match: OpenSSH_12.1 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to host:22 as 'admin'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
Cipher exchange happens
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key:
debug1: Host 'host' is known and matches the RSA host key.
debug1: Found key in C:\\Users\\temp/.ssh/known_hosts:16
debug2: set_newkeys: mode 1
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 4294967296 blocks
debug1: pubkey_prepare: ssh_get_authentication_socket: No such file or directory
debug2: key: C:\\Users\\temp/.ssh/id_rsa (0000000000000000)
debug2: key: C:\\Users\\temp/.ssh/id_dsa (0000000000000000)
debug2: key: C:\\Users\\temp/.ssh/id_ecdsa (0000000000000000)
debug2: key: C:\\Users\\temp/.ssh/id_ed25519 (0000000000000000)
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
WARNING
Activity on this device, and attempted access, is logged.
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: C:\\Users\\temp/.ssh/id_rsa
debug1: Trying private key: C:\\Users\\temp/.ssh/id_dsa
debug1: Trying private key: C:\\Users\\temp/.ssh/id_ecdsa
debug1: Trying private key: C:\\Users\\temp/.ssh/id_ed25519
debug2: we did not send a packet, disable method
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 1
debug1: read_passphrase: can't open /dev/tty: No such file or directory
Password:
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 0
debug1: Authentication succeeded (keyboard-interactive).
Authenticated to host ([host]:22).
debug1: channel 0: new [client-session]
debug2: channel 0: send open
debug1: Requesting no-more-sessions#openssh.com
debug1: Entering interactive session.
debug1: pledge: network
debug2: channel_input_open_confirmation: channel 0: callback start
debug2: fd 3 setting TCP_NODELAY
debug2: client_session2_setup: id 0
debug1: Sending command: my_command
debug2: channel 0: request exec confirm 1
debug2: channel_input_open_confirmation: channel 0: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel 0: rcvd adjust 2097152
debug2: channel_input_status_confirm: type 99 id 0
debug2: exec request accepted on channel 0
The scenario is like after I run exec_command, it prompts for password. It's like when you run a sudo command OS asks you for password to run it like that as soon as I run the command I get prompted for password. My command is that I log in to a network device like a router and run a command and store the output and then check the output whether it ran successfully if not then what was the error. The code works for other commands. Wwhen I am running this command over cli it asks for password and then I enter the password and it runs. I tried using \r\n in stdin.write(command_pass+'\r\n') but it still gets stuck
Below is the shell channel code I used
def SSH_Connection_Shell:
ssh = paramiko.SSHClient()
ssh.load_system_host_keys()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect(host, username=username, password=password,port=22)
channel = ssh.invoke_shell()
channel.send('\n')
channel.send(command_to_run+'\n')
channel.send(pass)
channel.send('\r\n')
channel.send('\n')
time.sleep(5)
out=channel.recv(9999)
print(out)
file = open('Output_Of_Commands.txt', 'ab')
file.write(out)
file.close()

can't connect ssh sh: 6000: command not found [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 3 years ago.
Improve this question
I'm trying to connect my server
and ssh show me: sh: 6000: command not found
blow is ssh verbose log and my sshd_config.
[~] # ssh -v admin#myserver -P 6000
OpenSSH_7.6p1, OpenSSL 1.0.2k 26 Jan 2017
debug1: Connecting to 192.168.50.21 [192.168.50.21] port 6000.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/id_rsa type 0
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.6
debug1: match: OpenSSH_7.6 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 192.168.50.216000 as 'admin'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: rsa-sha2-512
debug1: kex: server->client cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-rsa SHA256:XTuaKA/5nJd1wol9+Ckp0or8XCx3Rd/0NGMIdT9lrro
debug1: Host '192.168.50.21' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:2
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:XTuaKA/5nJd1wol9+Ckp0or8XCx3Rd/0NGMIdT9lrro /root/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Trying private key: /root/.ssh/id_ecdsa
debug1: Trying private key: /root/.ssh/id_ed25519
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: password
admin#192.168.50.21's password:
debug1: Authentication succeeded (password).
Authenticated to 192.168.50.21 ([192.168.50.21]6000).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions#openssh.com
debug1: Entering interactive session.
debug1: pledge: network
debug1: client_input_global_request: rtype hostkeys-00#openssh.com want_reply 0
debug1: Sending command: 6000
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow#openssh.com reply 0
sh: 6000: command not found
debug1: channel 0: free: client-session, nchannels 1
Transferred: sent 2248, received 3052 bytes, in 0.2 seconds
Bytes per second: sent 14674.8, received 19923.2
debug1: Exit status 127
this is my sshd config
# $OpenBSD: sshd_config,v 1.74 2006/07/19 13:07:10 dtucker Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.
#Port 22
#Protocol 2,1
Protocol 2
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 768
# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO
# Authentication:
#LoginGraceTime 2m
PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6
#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
#UsePAM no
#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
UseDNS no
#PidFile /var/run/sshd.pid
#MaxStartups 10
#PermitTunnel no
# no default banner path
#Banner /some/path
# override default of no subsystems
Subsystem sftp /usr/libexec/sftp-server
AllowUsers admin
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# ForceCommand cvs server
I don't know why this error show here.
And I use a mac software called ssh shell it can connect to my server.
I'm pretty sure the password is right.

Your commandline doesn't do what you think it does.
ssh -v admin#myserver -P 6000
-v enables some debug information
admin#myserver provides the remote user and remote host
-P 6000 does NOT attempt to connect to port 6000
The command you probably intended was:
ssh -v admin#myserver -p 6000
However, it turns out that -P is an undocumented argument that is accepted by ssh.
This leaves an unaccounted for argument 6000. ssh assumes this is a command that you want to run on the remote server. It doesn't exist, which results in the error shown:
sh: 6000: command not found

How to setup SSH keys for buildbot user

I'm trying to setup SSH keys for Buildbot's buildbot user, so it can clone my private repo without needing a username and password.
This is how I'm testing:
sudo -u buildbot bash
export HOME=/var/lib/buildbot
cd $HOME
mkdir git
cd git
git clone git#bitbucket.org:myproject/myrepo.git
the last step fails with:
Cloning into 'myrepo'...
Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
Why am I getting this error? I've confirmed my SSH key is correct with:
/var/lib/buildbot/.ssh folder exists with the correct permissions
/var/lib/buildbot/.ssh/id_rsa file exists with the correct permissions
/var/lib/buildbot/.ssh/id_rsa.pub file exists with the correct permissions
the content of /var/lib/buildbot/.ssh/id_rsa.pub file has been registered in my Bitbucket account as my SSH key
If I run:
ssh-agent bash -c 'ssh-add /var/lib/buildbot/.ssh/id_rsa; git clone git#bitbucket.org:myproject/myrepo.git'
then it clones my repo perfectly. Why isn't the normal command able to access my SSH key?
Edit: The output of ssh -vvv git#bitbucket.org is:
OpenSSH_7.2p2 Ubuntu-4ubuntu2.1, OpenSSL 1.0.2g 1 Mar 2016
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolving "bitbucket.org" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to bitbucket.org [104.192.143.2] port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file /home/buildbot/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/buildbot/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/buildbot/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/buildbot/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/buildbot/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/buildbot/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/buildbot/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/buildbot/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.1
debug1: Remote protocol version 2.0, remote software version conker_1.0.288-e9ef8ea app-123
debug1: no match: conker_1.0.288-e9ef8ea app-123
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to bitbucket.org:22 as 'git'
debug3: hostkeys_foreach: reading file "/home/buildbot/.ssh/known_hosts"
debug3: record_hostkey: found key type RSA in file /home/buildbot/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from bitbucket.org
debug3: order_hostkeyalgs: prefer hostkeyalgs: ssh-rsa-cert-v01#openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256#libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: ssh-rsa-cert-v01#openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256-cert-v01#openssh.com,ecdsa-sha2-nistp384-cert-v01#openssh.com,ecdsa-sha2-nistp521-cert-v01#openssh.com,ssh-ed25519-cert-v01#openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519
debug2: ciphers ctos: chacha20-poly1305#openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm#openssh.com,aes256-gcm#openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc
debug2: ciphers stoc: chacha20-poly1305#openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm#openssh.com,aes256-gcm#openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc
debug2: MACs ctos: umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib#openssh.com,zlib
debug2: compression stoc: none,zlib#openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256#libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: host key algorithms: ssh-dss,ssh-rsa
debug2: ciphers ctos: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm#openssh.com,arcfour256,arcfour128
debug2: ciphers stoc: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm#openssh.com,arcfour256,arcfour128
debug2: MACs ctos: hmac-sha2-256,hmac-sha1,hmac-sha1-96
debug2: MACs stoc: hmac-sha2-256,hmac-sha1,hmac-sha1-96
debug2: compression ctos: none
debug2: compression stoc: none
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256#libssh.org
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ssh-rsa SHA256:zzXQOXSRBEiUtuE8AikJYKwbHaxvSc0ojez9YXaGp1A
debug3: hostkeys_foreach: reading file "/home/buildbot/.ssh/known_hosts"
debug3: record_hostkey: found key type RSA in file /home/buildbot/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from bitbucket.org
debug3: hostkeys_foreach: reading file "/home/buildbot/.ssh/known_hosts"
debug3: record_hostkey: found key type RSA in file /home/buildbot/.ssh/known_hosts:2
debug3: load_hostkeys: loaded 1 keys from 104.192.143.2
debug1: Host 'bitbucket.org' is known and matches the RSA host key.
debug1: Found key in /home/buildbot/.ssh/known_hosts:1
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug2: set_newkeys: mode 0
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS received
debug2: key: /home/buildbot/.ssh/id_rsa ((nil))
debug2: key: /home/buildbot/.ssh/id_dsa ((nil))
debug2: key: /home/buildbot/.ssh/id_ecdsa ((nil))
debug2: key: /home/buildbot/.ssh/id_ed25519 ((nil))
debug3: send packet: type 5
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/buildbot/.ssh/id_rsa
debug3: no such identity: /home/buildbot/.ssh/id_rsa: No such file or directory
debug1: Trying private key: /home/buildbot/.ssh/id_dsa
debug3: no such identity: /home/buildbot/.ssh/id_dsa: No such file or directory
debug1: Trying private key: /home/buildbot/.ssh/id_ecdsa
debug3: no such identity: /home/buildbot/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: /home/buildbot/.ssh/id_ed25519
debug3: no such identity: /home/buildbot/.ssh/id_ed25519: No such file or directory
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey).
Edit: Updating buildbot's home directory in /etc/passwd to point to /var/lib/buildbot causes more problems. Now I can't even access buildbot's home directory as buildbot:
$ sudo -u buildbot bash
$ echo $HOME
/home/ubuntu
$ export HOME=/var/lib/buildbot
$ cd $HOME
bash: cd: /var/lib/buildbot: Permission denied

Buildbot now supports specifying private SSH keys (these changes will be released as part of buildbot 1.3.0). See https://github.com/buildbot/buildbot/pull/4178 and https://github.com/buildbot/buildbot/pull/4160
Disclaimer: I'm the author of these PRs :-)

OpenSSH is not using environment variable $HOME, as you can see from the log, but uses directly the getpwnam() functions to get the real home directory of running user (/home/buildbot/).
You either have to fix it in /etc/passwd or use the ssh-agent or IdentityFile option/config value to the ssh to make ssh use this key.

openssh seamless login does not work

Have been trying to setup the seamless ssh login across couple of servers but running into issues as after copying the public key the ssh to the host still asks for the password. Here is what I did
[root#app6 .ssh]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
/root/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
e9:e9:b4:e5:50:7b:9b:f6:3f:d5:65:52:39:9c:ba:38 root#app6
The key's randomart image is:
+--[ RSA 2048]----+
| . o|
| =.|
| ...|
| . .. o|
| S . . .oo|
| . o E . o|
| = o o .|
| o = ..o . |
| o ..o...o|
+-----------------+
And then copied the id to the host
[root#app6 .ssh]# ssh-copy-id app3
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
\S
Kernel \r on an \m
Password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'app3'"
and check to make sure that only the key(s) you wanted were added.
But when I try to login then it does not work (asks for password) –
[root#app6 .ssh]# ssh 'app3'
\S
Kernel \r on an \m
Password:
I should not be seeing the 'Password:' prompt. Apparently something is amiss.
Here is the version of ssh that is running:
[root#app6 ~]# ssh -V
OpenSSH_6.6.1p1, OpenSSL 1.0.1e-fips 11 Feb 2013
Adding the output of ssh -vvv app3 below:
debug3: load_hostkeys: loading entries for host "172.27.36.104" from file "/root/.ssh/known_hosts"
debug3: load_hostkeys: found key type ECDSA in file /root/.ssh/known_hosts:5
debug3: load_hostkeys: loaded 1 keys
debug1: Host '172.27.36.104' is known and matches the ECDSA host key.
debug1: Found key in /root/.ssh/known_hosts:5
debug1: ssh_ecdsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /root/.ssh/id_rsa (0x7f471042f250),
debug2: key: /root/.ssh/id_dsa ((nil)),
debug2: key: /root/.ssh/id_ecdsa (0x7f4710433730),
debug2: key: /root/.ssh/id_ed25519 ((nil)),
debug3: input_userauth_banner
\S
Kernel \r on an \m
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive
debug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup gssapi-keyex
debug3: remaining preferred: gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_is_enabled gssapi-keyex
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug2: we did not send a packet, disable method
debug3: authmethod_lookup gssapi-with-mic
debug3: remaining preferred: publickey,keyboard-interactive,password
debug3: authmethod_is_enabled gssapi-with-mic
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
No Kerberos credentials available
debug1: Unspecified GSS failure. Minor code may provide more information
No Kerberos credentials available
debug1: Unspecified GSS failure. Minor code may provide more information
debug1: Unspecified GSS failure. Minor code may provide more information
No Kerberos credentials available
debug2: we did not send a packet, disable method
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /root/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive
debug1: Trying private key: /root/.ssh/id_dsa
debug3: no such identity: /root/.ssh/id_dsa: No such file or directory
debug1: Offering ECDSA public key: /root/.ssh/id_ecdsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive
debug1: Trying private key: /root/.ssh/id_ed25519
debug3: no such identity: /root/.ssh/id_ed25519: No such file or directory
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 1
Password:

Check the following
The directory app3:~/.ssh has permissions 0700
The file app3:~/.ssh/authorized_keys has permissions 0600
The key app6:~/.ssh/id_rsa.pub exists in app3:~/.ssh/authorized_keys
Check sshd config file
PermitRootLogin yes
RSAAuthentication yes
PubkeyAuthentication yes
If all the above is correct, then run ssh -vvv app3 to see a very verbose connection info. It should provide feedback on why the password-less login fails.

comment for #yk11 's answer:
4.check the sshd config file
PermitRootLogin yes
RSAAuthentication yes
PubkeyAuthentication yes
open these config and restart sshd process.

How to Reverse SSH from Shell Script

Good afternoon,
I am trying to establish a reverse SSH connection using a shell script.
Below is my calling command, from client to host, and back to client: (important data is replaced with xxxxxx)
ssh -o StrictHostKeyChecking=no -o ConnectTimeout=15 -R 19999:localhost:22 admin#xx.xxx.xx.xx -v "sshpass -p xxxxxxx ssh -f -N -q -L 0.0.0.0:81:localhost:80 root#localhost -p 19999"
Show Below are the Output from SSH and from Netstat commands
The connection does show up on Netstat unfortunately, it shows up as TIME_WAIT instead of ESTABLISHED and I cannot access port 80 on client from another machine (by accessing port 81 on host)
Is this the correct way to establish Reverse SSH connection without having to type anything on the host?
If I run the two commands manually
ssh -o StrictHostKeyChecking=no -o ConnectTimeout=15 -R 19999:localhost:22 dmin#xx.xxx.xx.xx -v
and
sshpass -p xxxxxxx ssh -f -N -q -L 0.0.0.0:81:localhost:80 root#localhost -p 19999
Everything work, Once it's connected to the host, I do not have any problems, however I cannot do it this way from a script file.
EDIT: I tried different combinations of using -f -N and -q on the client and the host portion of the commands, but I haven't had any successful results. The best I've gotten was to display the client's firmware welcome message
Netstat output after the command was executed:
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 xxx.xxxxxxxxx.myvzw.com:xxxx xxxx.us-west-1.compute.xxxxx.com:ssh TIME_WAIT
tcp 0 0 localhost:49553 localhost:ssh TIME_WAIT
udp 0 0 xxx.xxxxxxxxx.myvzw.com:xxxx xxxxxxx:ntp ESTABLISHED
Active UNIX domain sockets (w/o servers)
Debug Output from top SSH command
OpenSSH_6.6, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to xx.xxx.xxx.xx [xx.xxx.xxx.xx] port 22.
debug1: fd 3 clearing O_NONBLOCK
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.0p1 Debian-4
debug1: match: OpenSSH_6.0p1 Debian-4 pat OpenSSH* compat 0x04000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx
debug1: Host 'xx:xxx:xxx:xx' is known and matches the ECDSA host key.
debug1: Found key in /root/.ssh/known_hosts:5
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/id_rsa
debug1: key_parse_private2: missing begin marker
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
Authenticated to xx:xxx:xxx:xx ([xx:xxx:xxx:xx]:22).
debug1: Remote connections from LOCALHOST:19999 forwarded to local address localhost:22
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions#openssh.com
debug1: Entering interactive session.
debug1: remote forward success for: listen 19999, connect localhost:22
debug1: All remote forwarding requests processed
debug1: Sending command: sleep 5; sshpass -p xxxxxxx ssh -f -N -q -L 0.0.0.0:1195:localhost:1194 root#localhost -p 19999
debug1: client_input_channel_open: ctype forwarded-tcpip rchan 3 win 2097152 max 32768
debug1: client_request_forwarded_tcpip: listen localhost port 19999, originator ::1 port 38767
debug1: connect_next: host localhost ([127.0.0.1]:22) in progress, fd=7
debug1: channel 1: new [::1]
debug1: confirm forwarded-tcpip
debug1: channel 1: connected to localhost port 22
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow#openssh.com reply 0
debug1: channel 0: free: client-session, nchannels 2
debug1: channel 1: free: ::1, nchannels 1
Transferred: sent 4768, received 4176 bytes, in 10.4 seconds
Bytes per second: sent 459.7, received 402.6
debug1: Exit status 0
Thank you,

I seem to have been able to establish a reverse connection by applying some "sleep" commands
Below is my command
ssh -o StrictHostKeyChecking=no -o ConnectTimeout=15 -f -R 19999:localhost:22 admin#XX.XXX.XXX.XX -v "sleep 5; sshpass -p XXXXXX ssh -L 0.0.0.0:81:localhost:81 root#localhost -p 19999 -v \"sleep 120\" sleep 120"
So basically I am putting the ssh process to sleep before finishing the second connection and placing the second connection to sleep right afterwards.
Interestingly enough, the connection doesn't cease after 120 seconds, it stays up. If someone would be kind enough to explain why this works, or if there is a better method, please reply
Thanks