I am trying to use the windows SFTP command to connect to a server using a .pem openssh key file.
This command works on my own PC and on a LINUX AWS server however when I copy the y.pem file to an AWS windows server and try to connect from there, it gives the error below and asks for a non existent password. There is no passphrase or password to enter, only a .pem file is used to authenticate.
I am also able to connect from this windows server using filezilla so I am at a loss as to why the sftp fails?
sftp -vvv -i y.pem rdg-test-sftp#xxxxx.com
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: y.pem
debug3: sign_and_send_pubkey: RSA SHA256:1hkUUEqCCk5Uy9jTbQ9hclYk7swm+dODpWFE3FXecIc
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
debug3: failed to open file:C:/dev/tty error:3
debug1: read_passphrase: can't open /dev/tty: No such file or directory
rdg-test-fstp#xxxxx.com's password:
Connection closed
I am struggling to authenticate with gerrit.openbmc-project.xyz using ssh.
I am trying to use ssh on windows.
My .ssh\config looks like this:
Host openbmc.gerrit
Hostname gerrit.openbmc-project.xyz
Port 29418
User patelutpal
The contents of my *.ssh* directory look like this:
-rw-r--r-- 1 utpalp 1049089 107 Dec 7 23:04 config
-rw-r--r-- 1 utpalp 1049089 411 Dec 7 21:10 id_ed25519
-rw-r--r-- 1 utpalp 1049089 97 Dec 7 21:10 id_ed25519.pub
-rw-r--r-- 1 utpalp 1049089 3381 Dec 7 22:14 id_rsa
-rw-r--r-- 1 utpalp 1049089 741 Dec 7 22:14 id_rsa.pub
-rw-r--r-- 1 utpalp 1049089 419 Dec 7 22:53 known_hosts
I have logged into gerrit.openbmc-project.xyz with my github account with id patelutpal.
I have added id_rsa.pub ssh key to my settings in https://gerrit.openbmc-project.xyz/settings/#SSHKeys
When I try:
C:\Users\utpalp\git>ssh -p 29418 -vvvt patelutpal#gerrit.openbmc-project.xyz
I get the following output.
OpenSSH_for_Windows_8.1p1, LibreSSL 3.0.2
debug1: Reading configuration data C:\\Users\\utpalp/.ssh/config
debug3: Failed to open file:C:/ProgramData/ssh/ssh_config error:2
debug2: resolving "gerrit.openbmc-project.xyz" port 29418
debug2: ssh_connect_direct
debug1: Connecting to gerrit.openbmc-project.xyz [169.44.58.24] port 29418.
debug1: Connection established.
debug1: identity file C:\\Users\\utpalp/.ssh/id_rsa type 0
debug3: Failed to open file:C:/Users/utpalp/.ssh/id_rsa-cert error:2
debug3: Failed to open file:C:/Users/utpalp/.ssh/id_rsa-cert.pub error:2
debug1: identity file C:\\Users\\utpalp/.ssh/id_rsa-cert type -1
debug3: Failed to open file:C:/Users/utpalp/.ssh/id_dsa error:2
debug3: Failed to open file:C:/Users/utpalp/.ssh/id_dsa.pub error:2
debug1: identity file C:\\Users\\utpalp/.ssh/id_dsa type -1
debug3: Failed to open file:C:/Users/utpalp/.ssh/id_dsa-cert error:2
debug3: Failed to open file:C:/Users/utpalp/.ssh/id_dsa-cert.pub error:2
debug1: identity file C:\\Users\\utpalp/.ssh/id_dsa-cert type -1
debug3: Failed to open file:C:/Users/utpalp/.ssh/id_ecdsa error:2
debug3: Failed to open file:C:/Users/utpalp/.ssh/id_ecdsa.pub error:2
debug1: identity file C:\\Users\\utpalp/.ssh/id_ecdsa type -1
debug3: Failed to open file:C:/Users/utpalp/.ssh/id_ecdsa-cert error:2
debug3: Failed to open file:C:/Users/utpalp/.ssh/id_ecdsa-cert.pub error:2
debug1: identity file C:\\Users\\utpalp/.ssh/id_ecdsa-cert type -1
debug1: identity file C:\\Users\\utpalp/.ssh/id_ed25519 type 3
debug3: Failed to open file:C:/Users/utpalp/.ssh/id_ed25519-cert error:2
debug3: Failed to open file:C:/Users/utpalp/.ssh/id_ed25519-cert.pub error:2
debug1: identity file C:\\Users\\utpalp/.ssh/id_ed25519-cert type -1
debug3: Failed to open file:C:/Users/utpalp/.ssh/id_xmss error:2
debug3: Failed to open file:C:/Users/utpalp/.ssh/id_xmss.pub error:2
debug1: identity file C:\\Users\\utpalp/.ssh/id_xmss type -1
debug3: Failed to open file:C:/Users/utpalp/.ssh/id_xmss-cert error:2
debug3: Failed to open file:C:/Users/utpalp/.ssh/id_xmss-cert.pub error:2
debug1: identity file C:\\Users\\utpalp/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.1
debug1: Remote protocol version 2.0, remote software version GerritCodeReview_3.2.6 (APACHE-SSHD-2.4.0)
debug1: no match: GerritCodeReview_3.2.6 (APACHE-SSHD-2.4.0)
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to gerrit.openbmc-project.xyz:29418 as 'patelutpal'
debug3: put_host_port: [gerrit.openbmc-project.xyz]:29418
debug3: hostkeys_foreach: reading file "C:\\Users\\utpalp/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file C:\\Users\\utpalp/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from [gerrit.openbmc-project.xyz]:29418
debug3: Failed to open file:C:/Users/utpalp/.ssh/known_hosts2 error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts2 error:2
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01#openssh.com,ecdsa-sha2-nistp384-cert-v01#openssh.com,ecdsa-sha2-nistp521-cert-v01#openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256#libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01#openssh.com,ecdsa-sha2-nistp384-cert-v01#openssh.com,ecdsa-sha2-nistp521-cert-v01#openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01#openssh.com,rsa-sha2-512-cert-v01#openssh.com,rsa-sha2-256-cert-v01#openssh.com,ssh-rsa-cert-v01#openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: chacha20-poly1305#openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm#openssh.com,aes256-gcm#openssh.com
debug2: ciphers stoc: chacha20-poly1305#openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm#openssh.com,aes256-gcm#openssh.com
debug2: MACs ctos: umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib#openssh.com,zlib
debug2: compression stoc: none,zlib#openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group18-sha512,diffie-hellman-group17-sha512,diffie-hellman-group16-sha512,diffie-hellman-group15-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: host key algorithms: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,aes192-cbc,aes256-cbc
debug2: ciphers stoc: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,aes192-cbc,aes256-cbc
debug2: MACs ctos: hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96
debug2: MACs stoc: hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96
debug2: compression ctos: none
debug2: compression stoc: none
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: ecdh-sha2-nistp256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256-etm#openssh.com compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256-etm#openssh.com compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:LCaJB3JewPu5SBvlqsZfvKJD7yOVi7YaLWAEjsHSG60
debug3: put_host_port: [169.44.58.24]:29418
debug3: put_host_port: [gerrit.openbmc-project.xyz]:29418
debug3: hostkeys_foreach: reading file "C:\\Users\\utpalp/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file C:\\Users\\utpalp/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from [gerrit.openbmc-project.xyz]:29418
debug3: Failed to open file:C:/Users/utpalp/.ssh/known_hosts2 error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts2 error:2
debug3: hostkeys_foreach: reading file "C:\\Users\\utpalp/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file C:\\Users\\utpalp/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from [169.44.58.24]:29418
debug3: Failed to open file:C:/Users/utpalp/.ssh/known_hosts2 error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts2 error:2
debug1: Host '[gerrit.openbmc-project.xyz]:29418' is known and matches the ECDSA host key.
debug1: Found key in C:\\Users\\utpalp/.ssh/known_hosts:1
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey out after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey in after 4294967296 blocks
debug1: Will attempt key: C:\\Users\\utpalp/.ssh/id_rsa RSA SHA256:obA7xm+M+BuNoN/miSnhiIZmPbCIdpvMTj+xu8SRDsI
debug1: Will attempt key: C:\\Users\\utpalp/.ssh/id_dsa
debug1: Will attempt key: C:\\Users\\utpalp/.ssh/id_ecdsa
debug1: Will attempt key: C:\\Users\\utpalp/.ssh/id_ed25519 ED25519 SHA256:zOx6/ktAHFTrf/yC4zBC55mEbfRZHF290Q29st34SA0
debug1: Will attempt key: C:\\Users\\utpalp/.ssh/id_xmss
debug2: pubkey_prepare: done
debug3: send packet: type 5
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: C:\\Users\\utpalp/.ssh/id_rsa RSA SHA256:obA7xm+M+BuNoN/miSnhiIZmPbCIdpvMTj+xu8SRDsI
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug1: Trying private key: C:\\Users\\utpalp/.ssh/id_dsa
debug3: no such identity: C:\\Users\\utpalp/.ssh/id_dsa: No such file or directory
debug1: Trying private key: C:\\Users\\utpalp/.ssh/id_ecdsa
debug3: no such identity: C:\\Users\\utpalp/.ssh/id_ecdsa: No such file or directory
debug1: Offering public key: C:\\Users\\utpalp/.ssh/id_ed25519 ED25519 SHA256:zOx6/ktAHFTrf/yC4zBC55mEbfRZHF290Q29st34SA0
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug1: Trying private key: C:\\Users\\utpalp/.ssh/id_xmss
debug3: no such identity: C:\\Users\\utpalp/.ssh/id_xmss: No such file or directory
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
patelutpal#gerrit.openbmc-project.xyz: Permission denied (publickey).
I dont know what to do. I think I have done all the right things. I wonder if this is a server side error. Can someone please help?
I will gladly provide more information if needed.
Thank you.
-Utpal
Context
OpenSSH 8.8 disables RSA signatures using the SHA-1 hash algorithm because they are considered cryptographically broken.
Git for Windows 2.33.1 upgrades OpenSSH to 8.8.
Note that this is a client side restriction.
Error
When trying to use a newer SSH client with git to clone or fetch using SSH, the following error might be observed:
git fetch
Fetching origin
dxxxxx#your.gerrit.host: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights and the repository exists.
error: Could not fetch origin
Done
Solution
You must provide a key type that is accepted by OpenSSH 8.8. OpenSSH recommends e.g. Ed25519:
ssh-keygen -t ed25519 -C "your_email#example.com"
copy content of ".ssh/id_ed25519.pub" to your Gerrit user settings
If your $HOME/.ssh/config file sets the IdentityFile option, then you may need to change the path accordingly, e.g.:
Host your.gerrit.host
IdentityFile ~/.ssh/id_ed25519
Alternatively you can configure the client to accept RSA by adding this ssh config option in ~/.ssh/config:
PubkeyAcceptedKeyTypes +ssh-rsa
I had a similar issue recently on Windows and GitBash. I downgraded to GitBash 2.27 and it worked again.
I'm trying since hours to get the ssh login working.
The Server is on Debian 10 and the clients are on Linux Mint and Windows 10.
This is the error trying to login with:
ssh -Tvvv git#dev.example.io
debug1: Will attempt key: /home/herbert/.ssh/pubkey RSASHA256:LygJtb4xx3RHfaMr1wM3sgSjTnj59nNUFgnQZO/0xoo explicit agent
debug2: pubkey_prepare: done
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred publickey
debug3: authmethod_lookup publickey
debug3: remaining preferred:
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/herbert/.ssh/pubkey RSA SHA256:LygJtb4xx3RHfaMr1qM3sgSjTnj59nNUFgnQZO/0xoo explicit agent
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
git#dev.example.io: Permission denied (publickey).
This is the ssh config file:
Host dev.example.io
HostName dev.example.io
PreferredAuthentications publickey
IdentityFile ~/.ssh/pubkey
PubkeyAcceptedKeyTypes +ssh-rsa
I have also tried "Fast lookup of authorized SSH keys in the database" to get things working, but they don't.
Maybe someone has an idea how to debug what is going wrong, for the moment I have no idea > it's a fresh gitlab installation and I have never had this problem before with an installation.
Thank you.
PS: Of cause > the rsa keys are correct on gitlab and they are also correct saved in the autohorized_keys file.
Whenever the SSH looks OK on client side, and yet is refused by the server side, assuming you have access to the server, you can consider debugging there.
On that Debian server:
stop the SSH daemon
relaunch it manually (using its full path)
make one connection from the client
look on the server stdout the output from the daemon
That is, on Debian server side:
sudo systemctl stop ssh.service
/usr/sbin/sshd -dd
I have add public key id_rsa.pub to remote /home/user authorizationkeys. About permission this file was 600 and parent dir .ssh was 700. I have also modified sshd_config.
when I perform ssh -vv user#remote errors show below
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/hjjj/.ssh/identity ((nil))
debug2: key: /home/hjjj/.ssh/id_rsa (0x55b3d8c54bc0)
debug2: key: /home/hjjj/.ssh/id_dsa ((nil))
debug2: key: /home/hjjj/.ssh/id_ecdsa ((nil))
debug3: Wrote 84 bytes for a total of 1309
debug1: Authentications that can continue: password,publickey
debug3: start over, passed a different list password,publickey
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/hjjj/.ssh/identity
debug3: no such identity: /home/hjjj/.ssh/identity
debug1: Offering public key: /home/hjjj/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug3: Wrote 388 bytes for a total of 1697
debug1: Authentications that can continue: password,publickey
debug1: Trying private key: /home/hjjj/.ssh/id_dsa
debug3: no such identity: /home/hjjj/.ssh/id_dsa
debug1: Trying private key: /home/hjjj/.ssh/id_ecdsa
debug3: no such identity: /home/hjjj/.ssh/id_ecdsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
123_hjjj#remote's password:
debug3: packet_send2: adding 48 (len 65 padlen 15 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug3: Wrote 148 bytes for a total of 1845.
--- edit ---
Thanks first. I checked below: I haved login client with non-root userA and I want to login remote server with non-root userB which I can access successfully with password authentication. I also add userA's id_rsa.pub to userB's authorized_keys file. The sshd_config was---
# Authentication:
#LoginGraceTime 2m
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
#AuthorizedKeysCommand none
#AuthorizedKeysCommandRunAs nobody
And I can't find auth.log under /var/log but /var/log/secure. After I execute ssh userB#remote -p 9998 on client, the log output was:
sshd[22208]: Connection closed by 192.168.5.38
When you have problems with ssh, it's always a good idea to start ssh with -v.
From your log you can see that you offered your key (Offering public key: /home/hjjj/.ssh/id_rsa),
but it wasn't accepted (missing Server accepts key)
The next steps on the client side should be:
Verify you are using the correct user
Verify that you are connecting to the expected server
Then you should switch to the server:
Check your /etc/ssh/sshd_config for PubkeyAuthentication yes
Check the entries in /var/log/auth.log
I wanted to setup passwordless login from my local machine to this Linux server. When I tried to upload my public key I found that there is no .ssh on the server. So I created one with ssh-keygen on the server. However in the newly generated .ssh directory, there is no authorized_keys or known_hosts. So I made a new authorized_keys and pasted my public key from local machine. However it does not work, still need password for ssh. Can anyone tell me if I am doing it right?
Here is the output of ssh -vvv:
debug1: Authentications that can continue: publickey,gssapi-with-mic,password,keyboard-interactive
debug3: start over, passed a different list publickey,gssapi-with-mic,password,keyboard-interactive
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup gssapi-with-mic
debug3: remaining preferred: publickey,keyboard-interactive,password
debug3: authmethod_is_enabled gssapi-with-mic
debug1: Next authentication method: gssapi-with-mic
debug3: Trying to reverse map address .
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_198782' not found
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_198782' not found
debug1: Unspecified GSS failure. Minor code may provide more information
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_198782' not found
debug2: we did not send a packet, disable method
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /rsrch2/rists/djiao/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug3: Wrote 368 bytes for a total of 1477
debug1: Authentications that can continue: publickey,gssapi-with-mic,password,keyboard-interactive
debug1: Trying private key: /rsrch2/rists/djiao/.ssh/id_dsa
debug3: no such identity: /rsrch2/rists/djiao/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug3: Wrote 96 bytes for a total of 1573
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 1
Simply create it and copy your key over to it. If you have a key-copy tool then just create the file via
$ touch ~/.ssh/authorized_keys
before using the tool.
It might help to connect using -vvv for verbosity.
On the client and on the server, check that ~/.ssh has permissions 700.
On the server, check that /etc/ssh/sshd_config has:
AuthorizedKeysFile .ssh/authorized_keys
PubkeyAuthentication yes
RSAAuthentication yes