We Keep Coding

Why is `ssh` not working after adding public key to authorized hosts?

I have a cluster set up with a master node and one slave node. I'd like to ssh to and from the master and slave nodes.
Now, I am able to ssh from both my local machine, and from my master node into the slave directly, using my private key: ssh -i ~/.ssh/id_rsa ec2-user#<IP>. I get asked for a password, and I enter it and can access the slave node from both my local machine, and my dev master.
Ideally, I want to remove my private id_rsa key from the ~/.ssh directory on dev master and only use my public key id_rsa.pub to ssh back and forth between master and slave nodes. (this is for security reasons, and plus it shouldn't be that difficult, right?).
So, I added my public key id_rsa.pub to authorized_keys on the slave node. Now, when I try to ssh from the master node to the slave it asks me for a password for the id_rsa.pub:
ssh -i ~/.ssh/id_rsa.pub ec2-user#<IP>
Enter passphrase for key '~/.ssh/id_rsa.pub'
And, I enter the same password I do for id_rsa but that password fails. :/ (I also tried just pressing enter (no password)) doesn't work either.
I have two questions to this:
1) Why isn't the password for id_rsa.pub the same as id_rsa?
2) Why can't I ssh into the slave node using my public key id_rsa.pub when it is added to the authorized_keys file?
When I try to ssh from my master to my slave, with the public key added to ~/.ssh/authorized_keys here is the verbose output:
debug2: ssh_connect: needpriv0
debug1: Connecting to <ip> [<ip>] port 22.
debug1: Connection established.
debug1: identity file /home/ec2-user/.ssh/identity type -1
debug3: Not a RSA1 key file /home/ec2-user/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/ec2-user/.ssh/id_rsa type 1
debug1: identity file /home/ec2-user/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug3: Wrote 792 bytes for a total of 813
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc#lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc#lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64#openssh.com,hmac-ripemd160,hmac-ripemd160#openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64#openssh.com,hmac-ripemd160,hmac-ripemd160#openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib#openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib#openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc#lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc#lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64#openssh.com,hmac-ripemd160,hmac-ripemd160#openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64#openssh.com,hmac-ripemd160,hmac-ripemd160#openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib#openssh.com
debug2: kex_parse_kexinit: none,zlib#openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug3: Wrote 24 bytes for a total of 837
debug2: dh_gen_key: priv key bits set: 138/256
debug2: bits set: 508/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: Wrote 144 bytes for a total of 981
debug3: check_host_in_hostfile: filename /home/ec2-user/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug1: Host '<ip>' is known and matches the RSA host key.
debug1: Found key in /home/ec2-user/.ssh/known_hosts:1
debug2: bits set: 521/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: Wrote 16 bytes for a total of 997
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug3: Wrote 48 bytes for a total of 1045
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/ec2-user/.ssh/identity ((nil))
debug2: key: /home/ec2-user/.ssh/id_rsa (0x7f2d4970bf40)
debug2: key: /home/ec2-user/.ssh/id_dsa ((nil))
debug3: Wrote 64 bytes for a total of 1109
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
debug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup gssapi-keyex
debug3: remaining preferred: gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_is_enabled gssapi-keyex
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug2: we did not send a packet, disable method
debug3: authmethod_lookup gssapi-with-mic
debug3: remaining preferred: publickey,keyboard-interactive,password
debug3: authmethod_is_enabled gssapi-with-mic
debug1: Next authentication method: gssapi-with-mic
debug3: Trying to reverse map address <ip>.
debug1: Unspecified GSS failure. Minor code may provide more information
Server krbtgt/US-WEST-2.COMPUTE.INTERNAL#host.COM not found in Kerberos database
debug2: we sent a gssapi-with-mic packet, wait for reply
debug3: Wrote 96 bytes for a total of 1205
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
debug2: we did not send a packet, disable method
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/ec2-user/.ssh/identity
debug3: no such identity: /home/ec2-user/.ssh/identity
debug1: Offering public key: /home/ec2-user/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug3: Wrote 368 bytes for a total of 1573
debug1: Server accepts key: pkalg ssh-rsa blen 277
debug2: input_userauth_pk_ok: SHA1 fp df:e5:5b:18:67:05:8b:4d:06:6c:f9:99:c3:b5:2b:9f:4e:f2:52:8a
debug3: sign_and_send_pubkey
debug1: read PEM private key done: type RSA
debug3: Wrote 640 bytes for a total of 2213
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
debug1: Trying private key: /home/ec2-user/.ssh/id_dsa
debug3: no such identity: /home/ec2-user/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
I don't know why it won't let me ssh into the slave node, when my public key has been added as an authorized_keys.
Or, if there is an easier way to ssh between master and slave nodes, I'd be open to that as well. Thanks.

Public and Private keys are lock key pairs. Your public key is not a key but a lock. You can give away that lock to anyone but never your private key. Your server has that lock. As stated in the comment below, you cannot open a lock with a lock. Using ssh -i privatekey ip#aws will work. Not ssh -i publickey ip#aws.

ssh -i ~/.ssh/id_rsa.pub ec2-user#<IP>
You should use private key here. Not the public one. SSH is wrongly asking passphrase for quite everything in few recent version, but it should be fixed now.
2) Why can't I ssh into the slave node using my public key id_rsa.pub when it is added to the authorized_keys file?
The keys are probably set up wrong. Run the client and server in debug mode (LogLevel DEBUG3 in ssh_confing and sshd_config) and have a look on the logs. If you will not be able to find out from that, update the question with the logs.
debug1: Server accepts key: pkalg ssh-rsa blen 277
debug2: input_userauth_pk_ok: SHA1 fp df:e5:5b:18:67:05:8b:4d:06:6c:f9:99:c3:b5:2b:9f:4e:f2:52:8a
debug3: sign_and_send_pubkey
debug1: read PEM private key done: type RSA
debug3: Wrote 640 bytes for a total of 2213
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
The logs above says that the key was accepted, but it was not enough to grant you access to that server. More information will be visible in the server log.

SSH public key authentication doesn't work only on special user

I'm having trouble setting up public key authentication for an SSH server on CentOS 6.8. What is strange is that when I login with a postgres user it goes well, but when I login with the 'barman' user which is created automatically by installing barman it always needs password.
The 'postgres' user's home directory and the barman user's home directory are in the same folder. I think the problem has nothing to do with the sshd config, tried to set the barman's home path, the .ssh path and the authorized_keys's permission all the same as postgres. But it still doesn't work .
This is what I get after run ssh localhost -vvv:
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to localhost [::1] port 22.
debug1: Connection established.
debug3: Not a RSA1 key file /var/lib/barman/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /var/lib/barman/.ssh/id_rsa type 1
debug1: identity file /var/lib/barman/.ssh/id_rsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug3: Wrote 960 bytes for a total of 981
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14- sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa-cert-v01#openssh.com,ssh-dss- cert-v01#openssh.com,ssh-rsa-cert-v00#openssh.com,ssh-dss-cert-v00#openssh.com,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256- ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc#lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc#lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160#openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160#openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib#openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib#openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc#lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc#lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64#openssh.com,hmac- sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160#openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160#openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib#openssh.com
debug2: kex_parse_kexinit: none,zlib#openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug3: Wrote 24 bytes for a total of 1005
debug2: dh_gen_key: priv key bits set: 139/256
debug2: bits set: 514/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: Wrote 144 bytes for a total of 1149
debug3: check_host_in_hostfile: host localhost filename /var/lib/barman/.ssh/known_hosts
debug3: check_host_in_hostfile: host localhost filename /var/lib/barman/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug1: Host 'localhost' is known and matches the RSA host key.
debug1: Found key in /var/lib/barman/.ssh/known_hosts:1
debug2: bits set: 523/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: Wrote 16 bytes for a total of 1165
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug3: Wrote 48 bytes for a total of 1213
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /var/lib/barman/.ssh/id_rsa (0x7f6ef1fcc740)
debug3: Wrote 64 bytes for a total of 1277
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic,password
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup gssapi-keyex
debug3: remaining preferred: gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_is_enabled gssapi-keyex
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug2: we did not send a packet, disable method
debug3: authmethod_lookup gssapi-with-mic
debug3: remaining preferred: publickey,keyboard-interactive,password
debug3: authmethod_is_enabled gssapi-with-mic
debug1: Next authentication method: gssapi-with-mic
debug3: Trying to reverse map address ::1.
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_498' not found
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_498' not found
debug1: Unspecified GSS failure. Minor code may provide more information
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_498' not found
debug2: we did not send a packet, disable method
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /var/lib/barman/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug3: Wrote 368 bytes for a total of 1645
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
barman#localhost's password:

The authorized_keys file that is inside the user’s home directory has the wrong context. In this example, the context of the file is “unconfined_u:object_r:httpd_sys_content_t:s0”. The context sshd is running in does not have access to this context, resulting in SELinux denying access to the file. With no access to the file, the key authentication fails.
run the following command to reset it:
chcon -R unconfined_u:object_r:user_home_t:s0 /path/to/users/homedirectory/.ssh/

ansible unable to ssh but manual ssh successful

I am trying to ping remote host using module: ping. my hosts file looks like below:
[groupA] HostA ansible_connection=ssh ansible_user=userA
command: ansible -i hosts -m ping all
Manually I am able to ssh successfully using same userA on HostA, but not via ansible
Debug logs from ansible:
No config file found; using defaults Loaded callback minimal of
type stdout, v2.0 ESTABLISH SSH CONNECTION FOR USER:
userA SSH: EXEC ssh -C -vvv -o StrictHostKeyChecking=no
-o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey
-o PasswordAuthentication=no -o User=userA -o ConnectTimeout=10 HostA '/bin/sh -c '"'"'( umask 77 && mkdir -p "echo
/tmp/ansible-userB/ansible-tmp-1473143642.15-125405279117948" &&
echo ansible-tmp-1473143642.15-125405279117948="echo
/tmp/ansible-userB/ansible-tmp-1473143642.15-125405279117948" ) &&
sleep 0'"'"''
Source Host O.S details:
LSB Version:
:base-4.0-amd64:base-4.0-noarch:core-4.0-amd64:core-4.0-noarch:graphics-4.0-amd64:graphics-4.0-noarch:printing-4.0-amd64:printing-4.0-noarch
Distributor ID: RedHatEnterpriseServer Description: Red Hat
Enterprise Linux Server release 6.8 (Santiago) Release: 6.8
Codename: Santiago
Target Host O.S details:
bash-4.1$ lsb_release -a
LSB Version:
:base-4.0-amd64:base-4.0-noarch:core-4.0-amd64:core-4.0-noarch:graphics-4.0-amd64:graphics-4.0-noarch:printing-4.0-amd64:printing-4.0-noarch
Distributor ID: RedHatEnterpriseServer Description: Red
Hat Enterprise Linux Server release 6.8 (Santiago) Release:
6.8 Codename: Santiago
EDIT: Manual commands:
ssh UserA#HostA
//Some lines of sshing to the remote host
-sh$: hostname -f
HostA
-sh$:
EDIT2:
Output from running ssh: EXEC command
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013 debug1: Reading
configuration data /etc/ssh/ssh_config debug1: Applying options for *
debug2: ssh_connect: needpriv 0 debug1: Connecting to hostA [IP port]
port 22. debug2: fd 3 setting O_NONBLOCK debug1: fd 3 clearing
O_NONBLOCK debug1: Connection established. debug3: timeout: 9924 ms
remain after connect debug1: identity file /home/userB/.ssh/identity
type -1 debug1: identity file /home/userB/.ssh/identity-cert type -1
debug3: Not a RSA1 key file /home/userB/.ssh/id_rsa. debug2:
key_type_from_name: unknown key type '-----BEGIN' debug3: key_read:
missing keytype debug3: key_read: missing whitespace debug3: key_read:
missing whitespace debug3: key_read: missing whitespace debug3:
key_read: missing whitespace debug3: key_read: missing whitespace
debug3: key_read: missing whitespace debug3: key_read: missing
whitespace debug3: key_read: missing whitespace debug3: key_read:
missing whitespace debug3: key_read: missing whitespace debug3:
key_read: missing whitespace debug3: key_read: missing whitespace
debug3: key_read: missing whitespace debug3: key_read: missing
whitespace debug3: key_read: missing whitespace debug3: key_read:
missing whitespace debug3: key_read: missing whitespace debug3:
key_read: missing whitespace debug3: key_read: missing whitespace
debug3: key_read: missing whitespace debug3: key_read: missing
whitespace debug3: key_read: missing whitespace debug3: key_read:
missing whitespace debug3: key_read: missing whitespace debug3:
key_read: missing whitespace debug2: key_type_from_name: unknown key
type '-----END' debug3: key_read: missing keytype debug1: identity
file /home/userB/.ssh/id_rsa type 1 debug1: identity file
/home/userB/.ssh/id_rsa-cert type -1 debug1: identity file
/home/userB/.ssh/id_dsa type -1 debug1: identity file
/home/userB/.ssh/id_dsa-cert type -1 debug1: identity file
/home/userB/.ssh/id_ecdsa type -1 debug1: identity file
/home/userB/.ssh/id_ecdsa-cert type -1 debug1: Remote protocol version
2.0, remote software version OpenSSH_5.3 debug1: match: OpenSSH_5.3 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3 debug2: fd 3 setting
O_NONBLOCK debug1: SSH2_MSG_KEXINIT sent debug3: Wrote 960 bytes for a
total of 981 debug1: SSH2_MSG_KEXINIT received debug2:
kex_parse_kexinit: debug2: kex_parse_kexinit: debug2:
kex_parse_kexinit: debug2: kex_parse_kexinit: debug2:
kex_parse_kexinit: debug2: kex_parse_kexinit: debug2:
kex_parse_kexinit: zlib#openssh.com,zlib,none debug2:
kex_parse_kexinit: zlib#openssh.com,zlib,none debug2:
kex_parse_kexinit: debug2: kex_parse_kexinit: debug2:
kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit:
reserved 0 debug2: kex_parse_kexinit: debug2: kex_parse_kexinit:
ssh-rsa,ssh-dss debug2: kex_parse_kexinit: debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2:
kex_parse_kexinit: none,zlib#openssh.com debug2: kex_parse_kexinit:
none,zlib#openssh.com debug2: kex_parse_kexinit: debug2:
kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0 debug2: mac_setup: found
hmac-md5 debug1: kex: server->client debug2: mac_setup: found
hmac-md5 debug1: kex: client->server debug1:
SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting
SSH2_MSG_KEX_DH_GEX_GROUP debug3: Wrote 24 bytes for a total of 1005
debug2: dh_gen_key: priv key bits set: 123/256 debug2: bits set:
506/1024 debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting
SSH2_MSG_KEX_DH_GEX_REPLY debug3: Wrote 144 bytes for a total of 1149
debug3: check_host_in_hostfile: host hostA filename
/home/userB/.ssh/known_hosts debug3: check_host_in_hostfile: host
hostA filename /home/userB/.ssh/known_hosts debug3:
check_host_in_hostfile: match line 1 debug3: check_host_in_hostfile:
host IP port filename /home/userB/.ssh/known_hosts debug3:
check_host_in_hostfile: host IP port filename
/home/userB/.ssh/known_hosts debug3: check_host_in_hostfile: match
line 1 debug1: Host 'hostA' is known and matches the RSA host key.
debug1: Found key in /home/userB/.ssh/known_hosts:1 debug2: bits set:
505/1024 debug1: ssh_rsa_verify: signature correct debug2:
kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS
sent debug1: expecting SSH2_MSG_NEWKEYS debug3: Wrote 16 bytes for a
total of 1165 debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS
received debug1: SSH2_MSG_SERVICE_REQUEST sent debug3: Wrote 48 bytes
for a total of 1213 debug2: service_accept: ssh-userauth debug1:
SSH2_MSG_SERVICE_ACCEPT received debug2: key:
/home/userB/.ssh/identity ((nil)) debug2: key: /home/userB/.ssh/id_rsa
(0x7ffb0551e430) debug2: key: /home/userB/.ssh/id_dsa ((nil)) debug2:
key: /home/userB/.ssh/id_ecdsa ((nil)) debug3: Wrote 64 bytes for a
total of 1277 debug3: input_userauth_banner
debug1: Authentications that can continue: debug3: start over, passed
a different list debug3: preferred debug3: authmethod_lookup
gssapi-with-mic debug3: remaining preferred: debug3:
authmethod_is_enabled debug1: Next authentication method: debug3:
Trying to reverse map address IP port. debug1: Unspecified GSS
failure. Minor code may provide more information Credentials cache
file '/tmp/krb5cc_' not found
debug1: Unspecified GSS failure. Minor code may provide more
information Credentials cache file '/tmp/krb5cc_' not found
debug1: Unspecified GSS failure. Minor code may provide more
information
debug1: Unspecified GSS failure. Minor code may provide more
information Credentials cache file '/tmp/krb5cc_' not found
debug2: we did not send a packet, disable method debug3:
authmethod_lookup gssapi-keyex debug3: remaining preferred: debug3:
authmethod_is_enabled gssapi-keyex debug1: Next authentication method:
gssapi-keyex debug1: No valid Key exchange context debug2: we did not
send a packet, disable method debug3: authmethod_lookup publickey
debug3: remaining preferred: ,publickey debug3: authmethod_is_enabled
publickey debug1: Next authentication method: publickey debug1: Trying
private key: /home/userB/.ssh/identity debug3: no such identity:
/home/userB/.ssh/identity debug1: Offering public key:
/home/userB/.ssh/id_rsa debug3: send_pubkey_test debug2: we sent a
publickey packet, wait for reply debug3: Wrote 368 bytes for a total
of 1645 debug1: Server accepts key: pkalg ssh-rsa blen 277 debug2:
input_userauth_pk_ok: debug3: sign_and_send_pubkey: debug1: read PEM
private key done: type RSA debug3: Wrote 640 bytes for a total of 2285
debug1: Enabling compression at level 6. debug1: Authentication
succeeded (publickey). debug1: channel 0: new [client-session] debug3:
ssh_session2_open: channel_new: 0 debug2: channel 0: send open debug1:
Requesting no-more-sessions#openssh.com debug1: Entering interactive
session. debug3: Wrote 112 bytes for a total of 2397 debug2: callback
start debug2: client_session2_setup: id 0 debug2: channel 0: request
pty-req confirm 1 debug1: Sending environment. debug3: Ignored env
debug3: Ignored env debug3: Ignored env MANPATH debug3: Ignored env
debug3: Ignored env HOSTNAME debug3: Ignored env
ANSIBLE_HOST_KEY_CHECKING debug3: Ignored env ANSIBLE_SSH_ARGS debug3:
Ignored env debug3: Ignored env TERM debug3: Ignored env SHELL
debug3: Ignored env HISTSIZE debug3: Ignored env QTDIR debug3: Ignored
env OLDPWD debug3: Ignored env QTINC debug3: Ignored env USER debug3:
Ignored env ANSIBLE_REMOTE_TEMP debug3: Ignored env LS_COLORS debug3:
Ignored env debug3: Ignored env TMOUT debug3: Ignored env debug3:
Ignored env PAGER debug3: Ignored env PATH debug3: Ignored env
debug3: Ignored env PWD debug3: Ignored env JAVA_HOME debug3: Ignored
env LMFILES debug3: Ignored env EFS_SERVERNAME debug3: Ignored env
EDITOR debug1: Sending env LANG = en_US.utf8 debug2: channel 0:
request env confirm 0 debug3: Ignored env MODULEPATH debug3: Ignored
env debug3: Ignored env LOADEDMODULES debug3: Ignored env
ANSIBLE_SCP_IF_SSH debug3: Ignored env ANSIBLE_TRANSPORT debug3:
Ignored env HISTCONTROL debug3: Ignored env debug3: Ignored env SHLVL
debug3: Ignored env HOME debug3: Ignored env debug3: Ignored env
PYTHONPATH debug3: Ignored env PBUSER debug3: Ignored env LOGNAME
debug3: Ignored env QTLIB debug3: Ignored env CVS_RSH debug3: Ignored
env LESSOPEN debug3: Ignored env EFS_PLATFORM64 debug3: Ignored env
G_BROKEN_FILENAMES debug3: Ignored env BASH_FUNC_append() debug3:
Ignored env BASH_FUNC_addpath() debug3: Ignored env BASH_FUNC_module()
debug3: Ignored env BASH_FUNC_prepend() debug3: Ignored env
BASH_FUNC_delpath() debug3: Ignored env BASH_FUNC_showpath() debug3:
Ignored env _ debug2: channel 0: request shell confirm 1 debug2: fd 3
setting TCP_NODELAY debug2: callback done debug2: channel 0: open
confirm rwindow 0 rmax 32768 debug3: Wrote 320 bytes for a total of
2717 debug2: channel_input_status_confirm: type 99 id 0 debug2: PTY
allocation request accepted on channel 0 debug2: channel 0: rcvd
adjust 2097152 debug2: channel_input_status_confirm: type 99 id 0
debug2: shell request accepted on channel 0 Last login: Tue Sep 6
07:24:55 2016 from hostB

Did you try to skip the authentication of ssh?
In the file /etc/ssh/ssh_config or ~/.ssh/config, add following lines.
Host *
StrictHostKeyChecking no
or add following lines in the ansible.cfg
[defaults]
host_key_checking = False

ssh-copy-id asking for password & ssh closing

I'm currently deploying a Centreon server on 2 docker containers. (One for central server and one for the Poller)
The 2 containers are runnning CentOS 6.7
When runnning :
$ ssh-copy-id -i .ssh/id_rsa.pub centreon#adress
I always have :
The authenticity of host 'address (address)' can't be established.
RSA key fingerprint is xx.xx.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'address' (RSA) to the list of known hosts.
centreon#address's password:
I should also have
Now try logging into the machine, with "ssh 'centreon#address'", and check in:
~/.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
But I don't
Tried some things to solve this.
1)
.ssh/ has drwx------ acccess
.ssh/id_rsa and .ssh/id_rsa.pub both have -rw-r--r-- access
2)
in
/etc/ssh/sshd_config
the options :
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
are activated.
I noticed that .ssh/authorized_keys isn't created.
What could be the issue ?
EDIT :
ssh centreon#address
prompts for password and then returns :
connection to address closed
ssh centreon#address -v -v -v -v result :
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to address [address] port 22.
debug1: Connection established.
debug1: identity file /var/spool/centreon/.ssh/identity type -1
debug1: identity file /var/spool/centreon/.ssh/identity-cert type -1
debug3: Not a RSA1 key file /var/spool/centreon/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /var/spool/centreon/.ssh/id_rsa type 1
debug1: identity file /var/spool/centreon/.ssh/id_rsa-cert type -1
debug1: identity file /var/spool/centreon/.ssh/id_dsa type -1
debug1: identity file /var/spool/centreon/.ssh/id_dsa-cert type -1
debug1: identity file /var/spool/centreon/.ssh/id_ecdsa type -1
debug1: identity file /var/spool/centreon/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug3: Wrote 960 bytes for a total of 981
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa-cert-v01#openssh.com,ssh-dss-cert-v01#openssh.com,ssh-rsa-cert-v00#openssh.com,ssh-dss-cert-v00#openssh.com,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc#lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc#lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160#openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160#openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib#openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib#openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc#lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc#lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160#openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160#openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib#openssh.com
debug2: kex_parse_kexinit: none,zlib#openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug3: Wrote 24 bytes for a total of 1005
debug2: dh_gen_key: priv key bits set: 131/256
debug2: bits set: 505/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: Wrote 144 bytes for a total of 1149
debug3: check_host_in_hostfile: host address filename /var/spool/centreon/.ssh/known_hosts
debug3: check_host_in_hostfile: host address filename /var/spool/centreon/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug1: Host 'address' is known and matches the RSA host key.
debug1: Found key in /var/spool/centreon/.ssh/known_hosts:1
debug2: bits set: 517/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: Wrote 16 bytes for a total of 1165
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug3: Wrote 48 bytes for a total of 1213
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /var/spool/centreon/.ssh/identity ((nil))
debug2: key: /var/spool/centreon/.ssh/id_rsa (0x7f4139c52a30)
debug2: key: /var/spool/centreon/.ssh/id_dsa ((nil))
debug2: key: /var/spool/centreon/.ssh/id_ecdsa ((nil))
debug3: Wrote 64 bytes for a total of 1277
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic,password
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup gssapi-keyex
debug3: remaining preferred: gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_is_enabled gssapi-keyex
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug2: we did not send a packet, disable method
debug3: authmethod_lookup gssapi-with-mic
debug3: remaining preferred: publickey,keyboard-interactive,password
debug3: authmethod_is_enabled gssapi-with-mic
debug1: Next authentication method: gssapi-with-mic
debug3: Trying to reverse map address address.
debug1: Unspecified GSS failure. Minor code may provide more information
Cannot determine realm for numeric host address
debug1: Unspecified GSS failure. Minor code may provide more information
Cannot determine realm for numeric host address
debug1: Unspecified GSS failure. Minor code may provide more information
debug1: Unspecified GSS failure. Minor code may provide more information
Cannot determine realm for numeric host address
debug2: we did not send a packet, disable method
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /var/spool/centreon/.ssh/identity
debug3: no such identity: /var/spool/centreon/.ssh/identity
debug1: Offering public key: /var/spool/centreon/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug3: Wrote 368 bytes for a total of 1645
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Trying private key: /var/spool/centreon/.ssh/id_dsa
debug3: no such identity: /var/spool/centreon/.ssh/id_dsa
debug1: Trying private key: /var/spool/centreon/.ssh/id_ecdsa
debug3: no such identity: /var/spool/centreon/.ssh/id_ecdsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
centreon#address's password:
debug3: packet_send2: adding 48 (len 61 padlen 19 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug3: Wrote 144 bytes for a total of 1789
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Requesting no-more-sessions#openssh.com
debug1: Entering interactive session.
debug3: Wrote 128 bytes for a total of 1917
debug2: callback start
debug2: client_session2_setup: id 0
debug2: channel 0: request pty-req confirm 1
debug1: Sending environment.
debug3: Ignored env HOSTNAME
debug3: Ignored env SHELL
debug3: Ignored env TERM
debug3: Ignored env HISTSIZE
debug3: Ignored env QTDIR
debug3: Ignored env QTINC
debug3: Ignored env USER
debug3: Ignored env LS_COLORS
debug3: Ignored env MAIL
debug3: Ignored env PATH
debug3: Ignored env PWD
debug1: Sending env LANG = en_US.UTF-8
debug2: channel 0: request env confirm 0
debug3: Ignored env HISTCONTROL
debug3: Ignored env SHLVL
debug3: Ignored env HOME
debug3: Ignored env LOGNAME
debug3: Ignored env QTLIB
debug3: Ignored env CVS_RSH
debug3: Ignored env LESSOPEN
debug3: Ignored env G_BROKEN_FILENAMES
debug3: Ignored env _
debug2: channel 0: request shell confirm 1
debug2: fd 3 setting TCP_NODELAY
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug3: Wrote 448 bytes for a total of 2365
debug2: channel_input_status_confirm: type 99 id 0
debug2: PTY allocation request accepted on channel 0
debug2: channel 0: rcvd adjust 2097152
debug2: channel_input_status_confirm: type 99 id 0
debug2: shell request accepted on channel 0
Last login: Wed May 4 15:43:59 2016 from address
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow#openssh.com reply 0
debug2: channel 0: rcvd eow
debug2: channel 0: close_read
debug2: channel 0: input open -> closed
debug2: channel 0: rcvd close
debug3: channel 0: will not send data after close
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
#0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cc -1)
debug3: channel 0: close_fds r -1 w -1 e 6
debug3: Wrote 32 bytes for a total of 2397
debug3: Wrote 64 bytes for a total of 2461
Connection to address closed.
Transferred: sent 2264, received 2192 bytes, in 0.0 seconds
Bytes per second: sent 265256.1, received 256820.4
debug1: Exit status 254

Your private key .ssh/id_rsa must be readable only by yourself.
$ chmod 700 $HOME/.ssh/id_rsa
Then
$ ssh-copy-id <user>#<host>

PAM Authentication was causing trouble.
commenting usePAM yes and everything goes right.
Thanks Ra_ for making me stay more on the sshd_config file.

Permission denied when using sshpass

I am running HP-UX 11.31, trying to use sshpass to connect to a vendor's system and retrieve a file using sftp. When I run sftp manually, I am able to connect by entering a password. Thus, the command sftp $USERID#$SERVER works fine. The vendor's system prompts for a password with $USERID#$SERVER's password:, then I enter the password by hand and get the sftp prompt.
When I use sshpass I receive a Permission denied (publickey, password) error. My command is sshpass -e sftp $USERID#$SERVER << EOF followed by the commands to change directories, retrieve the desired file, and exit. I have tried adding the BatchMode=no and StrictHostKeyChecking=no parameters to the sftp command, but the result is the same.
What am I doing wrong? How can I make this work?
Please do not tell me to perform a key exchange or lecture me about the security issues involved here. I already know. I have no authority to change the situation.
EDIT: Here is the output of sftp -vvv, as requested:
OpenSSH_5.5p1+sftpfilecontrol-v1.3-hpn13v7, OpenSSL 0.9.8n 24 Mar 2010
HP-UX Secure Shell-A.05.50.014, HP-UX Secure Shell version
debug1: Reading configuration data /opt/ssh/etc/ssh_config
debug3: RNG is ready, skipping seeding
debug2: ssh_connect: needpriv 0
debug1: Connecting to archive.companykitchen.com [199.91.127.120] port 22.
debug1: Connection established.
debug1: identity file /home/pbewig/.ssh/id_rsa type -1
debug1: identity file /home/pbewig/.ssh/id_rsa-cert type -1
debug3: Not a RSA1 key file /home/pbewig/.ssh/id_dsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/pbewig/.ssh/id_dsa type 2
debug1: identity file /home/pbewig/.ssh/id_dsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2 pat OpenSSH*
debug1: Remote is NON-HPN aware
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.5p1+sftpfilecontrol-v1.3-hpn13v7
debug2: fd 5 setting O_NONBLOCK
debug3: RNG is ready, skipping seeding
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: AUTH STATE IS 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa-cert-v00#openssh.com,ssh-dss-cert-v00#openssh.com,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc#lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc#lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64#openssh.com,hmac-ripemd160,hmac-ripemd160#openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64#openssh.com,hmac-ripemd160,hmac-ripemd160#openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib#openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib#openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: curve25519-sha256#libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm#openssh.com,aes256-gcm#openssh.com,chacha20-poly1305#openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc#lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm#openssh.com,aes256-gcm#openssh.com,chacha20-poly1305#openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc#lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-ripemd160-etm#openssh.com,hmac-sha1-96-etm#openssh.com,hmac-md5-96-etm#openssh.com,hmac-md5,hmac-sha1,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160#openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-ripemd160-etm#openssh.com,hmac-sha1-96-etm#openssh.com,hmac-md5-96-etm#openssh.com,hmac-md5,hmac-sha1,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160#openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib#openssh.com
debug2: kex_parse_kexinit: none,zlib#openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-md5
debug1: REQUESTED ENC.NAME is 'aes128-ctr'
debug1: kex: server->client aes128-ctr hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: REQUESTED ENC.NAME is 'aes128-ctr'
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 135/256
debug2: bits set: 513/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: host archive.companykitchen.com filename /home/pbewig/.ssh/known_hosts
debug3: check_host_in_hostfile: host archive.companykitchen.com filename /home/pbewig/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 26
debug3: check_host_in_hostfile: host 199.91.127.120 filename /home/pbewig/.ssh/known_hosts
debug3: check_host_in_hostfile: host 199.91.127.120 filename /home/pbewig/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 27
debug1: Host 'archive.companykitchen.com' is known and matches the RSA host key.
debug1: Found key in /home/pbewig/.ssh/known_hosts:26
debug2: bits set: 502/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/pbewig/.ssh/id_rsa (0)
debug2: key: /home/pbewig/.ssh/id_dsa (40052840)
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred publickey
debug3: authmethod_lookup publickey
debug3: remaining preferred:
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/pbewig/.ssh/id_rsa
debug3: no such identity: /home/pbewig/.ssh/id_rsa
debug1: Offering public key: /home/pbewig/.ssh/id_dsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey,password).
Connection closed
It seems to be trying to send a public key and ignoring the password from sshpass.